Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/372103?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "type": "alpm", "namespace": "archlinux", "name": "virtualbox", "version": "6.1.20-1", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "6.1.24-1", "latest_non_vulnerable_version": "6.1.28-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/248617?format=api", "vulnerability_id": "VCID-2r65-7mst-7ff7", "summary": "Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2321", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36645", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36624", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36599", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36539", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36711", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36742", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.3658", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36633", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36651", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00158", "scoring_system": "epss", "scoring_elements": "0.36659", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2321" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2321" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2r65-7mst-7ff7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43137?format=api", "vulnerability_id": "VCID-3rtp-jbxr-1qey", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2286", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38165", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38161", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38179", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38143", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38119", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.3803", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.3821", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38233", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38103", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38153", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2286" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:53Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2286" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3rtp-jbxr-1qey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43090?format=api", "vulnerability_id": "VCID-4sk2-6fz1-6qd1", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29875", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29919", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29966", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.2984", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29884", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29838", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29788", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29807", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2264" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/04/26/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:48:20Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/04/26/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2021/04/26/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:48:20Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2021/04/26/2" }, { "reference_url": "https://security.archlinux.org/AVG-1870", "reference_id": "AVG-1870", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1870" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:48:20Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2264" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4sk2-6fz1-6qd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43110?format=api", "vulnerability_id": "VCID-7b9u-tggy-gqej", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2279", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07624", "scoring_system": "epss", "scoring_elements": "0.9183", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07624", "scoring_system": "epss", "scoring_elements": "0.91838", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07624", "scoring_system": "epss", "scoring_elements": "0.91845", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07624", "scoring_system": "epss", "scoring_elements": "0.91853", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07624", "scoring_system": "epss", "scoring_elements": "0.91866", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07624", "scoring_system": "epss", "scoring_elements": "0.91871", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07624", "scoring_system": "epss", "scoring_elements": "0.91875", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07624", "scoring_system": "epss", "scoring_elements": "0.91889", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2279" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:47:59Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-21-453/", "reference_id": "ZDI-21-453", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:47:59Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-453/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2279" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7b9u-tggy-gqej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43134?format=api", "vulnerability_id": "VCID-7d2s-r3zf-u7ag", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.4004", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40036", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40047", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.4001", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.3999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39875", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40023", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40049", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.3997", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2283" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:42:40Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2283" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7d2s-r3zf-u7ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43088?format=api", "vulnerability_id": "VCID-94zg-371b-qkdp", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2145", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53227", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53244", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53297", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53291", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53342", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53326", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53309", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53347", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53251", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53277", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2145" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T18:11:37Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-21-455/", "reference_id": "ZDI-21-455", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T18:11:37Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-455/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2145" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94zg-371b-qkdp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43115?format=api", "vulnerability_id": "VCID-c7w5-yk8d-qkfb", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2280", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36174", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36189", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36195", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36158", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36132", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36058", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36253", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36286", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36122", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36171", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2280" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:42:45Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2280" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c7w5-yk8d-qkfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43136?format=api", "vulnerability_id": "VCID-cm61-d57b-1qhq", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2285", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.4004", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40036", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40047", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.4001", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.3999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39875", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40023", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40049", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.3997", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2285" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:53Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2285" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cm61-d57b-1qhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43205?format=api", "vulnerability_id": "VCID-ctc7-nx1g-quh9", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2310", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45844", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45912", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45862", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45918", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45916", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45938", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45909", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45968", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45891", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2310" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:49Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-21-456/", "reference_id": "ZDI-21-456", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:49Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-456/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2310" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ctc7-nx1g-quh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43116?format=api", "vulnerability_id": "VCID-e7tk-fpb8-yugw", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2281", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38395", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38435", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38443", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38458", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38421", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.3836", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38497", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38521", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38384", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2281" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:42:44Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2281" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e7tk-fpb8-yugw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43159?format=api", "vulnerability_id": "VCID-f8a4-p5xx-sqab", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2296", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25945", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25835", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25904", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25956", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25966", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25921", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25862", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25866", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26069", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2296" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:47Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-21-459/", "reference_id": "ZDI-21-459", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:47Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-459/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2296" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f8a4-p5xx-sqab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43194?format=api", "vulnerability_id": "VCID-fuce-smna-wych", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2309", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.2616", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26051", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26117", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26166", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26174", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26129", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.2607", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26074", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26241", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26281", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2309" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:52Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-21-461/", "reference_id": "ZDI-21-461", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:52Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-461/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2309" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fuce-smna-wych" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43128?format=api", "vulnerability_id": "VCID-gguv-hvra-23ff", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2282", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36174", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36189", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36195", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36158", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36132", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36058", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36253", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36286", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36122", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36171", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2282" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:42:42Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2282" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gguv-hvra-23ff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43138?format=api", "vulnerability_id": "VCID-mtk7-rr3s-1ua6", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2287", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.4004", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40036", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40047", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.4001", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.3999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39875", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40023", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40049", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.3997", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2287" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:52Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2287" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mtk7-rr3s-1ua6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43146?format=api", "vulnerability_id": "VCID-puye-vcas-s7dv", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38212", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38161", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38226", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38179", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38203", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38239", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.3822", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62125", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62186", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00425", "scoring_system": "epss", "scoring_elements": "0.62217", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2291" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:50Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-21-457/", "reference_id": "ZDI-21-457", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:50Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-457/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2291" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-puye-vcas-s7dv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43089?format=api", "vulnerability_id": "VCID-qbjr-mw28-9ufu", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2250", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35361", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35468", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35514", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35538", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35548", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35504", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35482", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35521", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3556", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35586", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2250" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:48:41Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-21-484/", "reference_id": "ZDI-21-484", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T14:48:41Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-484/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2250" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qbjr-mw28-9ufu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43185?format=api", "vulnerability_id": "VCID-t3m7-zvcc-3qar", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2306", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20186", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20274", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20299", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20253", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20194", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.202", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20349", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20409", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20134", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20216", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2306" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:36Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2306" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t3m7-zvcc-3qar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43135?format=api", "vulnerability_id": "VCID-u1n4-8wg1-cfea", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38165", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38161", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38179", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38143", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38119", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.3803", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.3821", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38233", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38103", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.38153", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2284" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:42:39Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2284" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u1n4-8wg1-cfea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43173?format=api", "vulnerability_id": "VCID-xh4p-m9fs-y3eb", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2297", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25945", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25835", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25904", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25956", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25966", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25921", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25862", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25866", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26069", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2297" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:46Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" }, { "reference_url": "https://www.zerodayinitiative.com/advisories/ZDI-21-462/", "reference_id": "ZDI-21-462", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:46Z/" } ], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-462/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2297" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xh4p-m9fs-y3eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43095?format=api", "vulnerability_id": "VCID-y4xt-atn4-g7bv", "summary": "Multiple vulnerabilities have been discovered in Oracle Virtualbox, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2266", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.2199", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22078", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22093", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22052", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21992", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21951", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22112", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.2216", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21943", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22023", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2266" }, { "reference_url": "https://security.archlinux.org/ASA-202104-9", "reference_id": "ASA-202104-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202104-9" }, { "reference_url": "https://security.archlinux.org/AVG-1846", "reference_id": "AVG-1846", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1846" }, { "reference_url": "https://security.gentoo.org/glsa/202208-36", "reference_id": "GLSA-202208-36", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:42:48Z/" } ], "url": "https://security.gentoo.org/glsa/202208-36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372103?format=api", "purl": "pkg:alpm/archlinux/virtualbox@6.1.20-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" } ], "aliases": [ "CVE-2021-2266" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y4xt-atn4-g7bv" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1" }