CVE-2026-33817 - Vulnerability Details

CVE confirmed to be a false positive

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00012.

Exploitation none

Automatable no

Technical Impact partial

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Etcd-io Subscribe	Bbolt Subscribe

Project Subscriptions

Vendors	Products
Etcd-io Subscribe	Bbolt Subscribe

Advisories

Source	ID	Title
Github GHSA	GHSA-6jwv-w5xf-7j27	go.etcd.io/bbolt affected by index out-of-range vulnerability

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/etcd-io/bbolt/pull/1171/changes/386d5b69785937d1aa20cb25c8439404cf398143
https://github.com/golang/vulndb/issues/4923
https://nvd.nist.gov/vuln/detail/CVE-2026-33817
https://pkg.go.dev/vuln/GO-2026-4923
https://www.cve.org/CVERecord?id=CVE-2026-33817

History

Wed, 08 Apr 2026 17:45:00 +0000

Type	Values Removed	Values Added
Description	(This report has been withdrawn with reason: "Reporter and maintainer have confirmed this as false positive"). Index out-of-range when encountering a branch page with zero elements in go.etcd.io/bbolt	CVE confirmed to be a false positive
Title	WITHDRAWN: out-of-range-index in go.etcd.io/bbolt	Vulnerability in go.etcd.io/bbolt

Wed, 08 Apr 2026 16:00:00 +0000

Type	Values Removed	Values Added
Description	Index out-of-range when encountering a branch page with zero elements in go.etcd.io/bbolt	(This report has been withdrawn with reason: "Reporter and maintainer have confirmed this as false positive"). Index out-of-range when encountering a branch page with zero elements in go.etcd.io/bbolt
Title	Vulnerability in go.etcd.io/bbolt	WITHDRAWN: out-of-range-index in go.etcd.io/bbolt

Wed, 08 Apr 2026 00:15:00 +0000

Type	Values Removed	Values Added
References		https://nvd.nist.gov/vuln/detail/CVE-2026-33817 https://www.cve.org/CVERecord?id=CVE-2026-33817
Metrics	threat_severity `None`	threat_severity `Moderate`

Tue, 07 Apr 2026 09:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Etcd-io Etcd-io bbolt
Vendors & Products		Etcd-io Etcd-io bbolt

Tue, 07 Apr 2026 00:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-125
Metrics		cvssV3_1 `{'score': 6.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 06 Apr 2026 20:00:00 +0000

Type	Values Removed	Values Added
Description		Index out-of-range when encountering a branch page with zero elements in go.etcd.io/bbolt
Title		Vulnerability in go.etcd.io/bbolt
References		https://github.com/etcd-io/bbolt/pull/1171/changes/386d5b69785937d1aa20cb25c8439404cf398143 https://github.com/golang/vulndb/issues/4923 https://pkg.go.dev/vuln/GO-2026-4923

Projects

Sign in to view the affected projects.

MITRE

Status: REJECTED

Assigner: Go

Published: 2026-04-06T18:13:23.996Z

Updated: 2026-04-08T17:08:34.464Z

Reserved: 2026-03-23T20:35:32.815Z

Link: CVE-2026-33817

Vulnrichment

Updated: 2026-04-06T19:23:47.201Z

NVD

Status : Rejected

Published: 2026-04-06T19:16:27.677

Modified: 2026-04-08T18:26:00.870

Link: CVE-2026-33817

Redhat

Severity : Moderate

Publid Date: 2026-04-06T18:13:23Z

Links: CVE-2026-33817 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-08T19:50:35Z

Weaknesses

CWE-125

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object