Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-mk2k-55zf-duba
Summarysecurity update
Aliases
0
alias CVE-2015-8612
Fixed_packages
0
url pkg:deb/debian/blueman@1.23-1%2Bdeb7u1
purl pkg:deb/debian/blueman@1.23-1%2Bdeb7u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jgqj-mqt7-vucy
1
vulnerability VCID-mk2k-55zf-duba
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/blueman@1.23-1%252Bdeb7u1
1
url pkg:deb/debian/blueman@1.99~alpha1-1%2Bdeb8u1
purl pkg:deb/debian/blueman@1.99~alpha1-1%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jgqj-mqt7-vucy
1
vulnerability VCID-mk2k-55zf-duba
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/blueman@1.99~alpha1-1%252Bdeb8u1
2
url pkg:deb/debian/blueman@2.0.3-1?distro=trixie
purl pkg:deb/debian/blueman@2.0.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/blueman@2.0.3-1%3Fdistro=trixie
3
url pkg:deb/debian/blueman@2.0.4-1~bpo8%2B1
purl pkg:deb/debian/blueman@2.0.4-1~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jgqj-mqt7-vucy
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/blueman@2.0.4-1~bpo8%252B1
4
url pkg:deb/debian/blueman@2.1.4-1?distro=trixie
purl pkg:deb/debian/blueman@2.1.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/blueman@2.1.4-1%3Fdistro=trixie
5
url pkg:deb/debian/blueman@2.3.5-2?distro=trixie
purl pkg:deb/debian/blueman@2.3.5-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/blueman@2.3.5-2%3Fdistro=trixie
6
url pkg:deb/debian/blueman@2.4.4-1?distro=trixie
purl pkg:deb/debian/blueman@2.4.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/blueman@2.4.4-1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/blueman@1.21-4.1
purl pkg:deb/debian/blueman@1.21-4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jgqj-mqt7-vucy
1
vulnerability VCID-mk2k-55zf-duba
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/blueman@1.21-4.1
1
url pkg:deb/debian/blueman@1.23-1%2Bdeb7u1
purl pkg:deb/debian/blueman@1.23-1%2Bdeb7u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jgqj-mqt7-vucy
1
vulnerability VCID-mk2k-55zf-duba
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/blueman@1.23-1%252Bdeb7u1
2
url pkg:deb/debian/blueman@1.23-git201312311147-1~bpo70%2B1
purl pkg:deb/debian/blueman@1.23-git201312311147-1~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jgqj-mqt7-vucy
1
vulnerability VCID-mk2k-55zf-duba
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/blueman@1.23-git201312311147-1~bpo70%252B1
3
url pkg:deb/debian/blueman@1.99~alpha1-1
purl pkg:deb/debian/blueman@1.99~alpha1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jgqj-mqt7-vucy
1
vulnerability VCID-mk2k-55zf-duba
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/blueman@1.99~alpha1-1
4
url pkg:deb/debian/blueman@1.99~alpha1-1%2Bdeb8u1
purl pkg:deb/debian/blueman@1.99~alpha1-1%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-jgqj-mqt7-vucy
1
vulnerability VCID-mk2k-55zf-duba
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/blueman@1.99~alpha1-1%252Bdeb8u1
References
0
reference_url http://packetstormsecurity.com/files/135047/Slackware-Security-Advisory-blueman-Updates.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/135047/Slackware-Security-Advisory-blueman-Updates.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8612
reference_id
reference_type
scores
0
value 0.23109
scoring_system epss
scoring_elements 0.95942
published_at 2026-04-18T12:55:00Z
1
value 0.23109
scoring_system epss
scoring_elements 0.95937
published_at 2026-04-16T12:55:00Z
2
value 0.23109
scoring_system epss
scoring_elements 0.95888
published_at 2026-04-01T12:55:00Z
3
value 0.23109
scoring_system epss
scoring_elements 0.95897
published_at 2026-04-02T12:55:00Z
4
value 0.23109
scoring_system epss
scoring_elements 0.95906
published_at 2026-04-04T12:55:00Z
5
value 0.23109
scoring_system epss
scoring_elements 0.95909
published_at 2026-04-07T12:55:00Z
6
value 0.23109
scoring_system epss
scoring_elements 0.95918
published_at 2026-04-08T12:55:00Z
7
value 0.23109
scoring_system epss
scoring_elements 0.95921
published_at 2026-04-09T12:55:00Z
8
value 0.23109
scoring_system epss
scoring_elements 0.95924
published_at 2026-04-12T12:55:00Z
9
value 0.23109
scoring_system epss
scoring_elements 0.95926
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8612
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8612
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8612
3
reference_url https://github.com/blueman-project/blueman/issues/416
reference_id
reference_type
scores
url https://github.com/blueman-project/blueman/issues/416
4
reference_url https://github.com/blueman-project/blueman/releases/tag/2.0.3
reference_id
reference_type
scores
url https://github.com/blueman-project/blueman/releases/tag/2.0.3
5
reference_url https://twitter.com/thegrugq/status/677809527882813440
reference_id
reference_type
scores
url https://twitter.com/thegrugq/status/677809527882813440
6
reference_url https://www.exploit-db.com/exploits/46186/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/46186/
7
reference_url http://www.debian.org/security/2015/dsa-3427
reference_id
reference_type
scores
url http://www.debian.org/security/2015/dsa-3427
8
reference_url http://www.openwall.com/lists/oss-security/2015/12/18/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2015/12/18/6
9
reference_url http://www.openwall.com/lists/oss-security/2015/12/19/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2015/12/19/1
10
reference_url http://www.securityfocus.com/bid/79688
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/79688
11
reference_url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.421085
reference_id
reference_type
scores
url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.421085
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blueman_project:blueman:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:blueman_project:blueman:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:blueman_project:blueman:*:*:*:*:*:*:*:*
13
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46186.rb
reference_id CVE-2015-8612
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46186.rb
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8612
reference_id CVE-2015-8612
reference_type
scores
0
value 7.2
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:C/I:C/A:C
1
value 8.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2015-8612
15
reference_url https://raw.githubusercontent.com/rapid7/metasploit-framework/a73fe9433bf72e7a3681f0f582dea953fad9eb79/modules/exploits/linux/local/blueman_set_dhcp_handler_dbus_priv_esc.rb
reference_id CVE-2015-8612
reference_type exploit
scores
url https://raw.githubusercontent.com/rapid7/metasploit-framework/a73fe9433bf72e7a3681f0f582dea953fad9eb79/modules/exploits/linux/local/blueman_set_dhcp_handler_dbus_priv_esc.rb
Weaknesses
0
cwe_id 264
name Permissions, Privileges, and Access Controls
description Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.
Exploits
0
date_added 2019-01-16
description blueman - set_dhcp_handler D-Bus Privilege Escalation (Metasploit)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2019-01-16
exploit_type local
platform linux
source_date_updated 2019-01-16
data_source Exploit-DB
source_url https://raw.githubusercontent.com/rapid7/metasploit-framework/a73fe9433bf72e7a3681f0f582dea953fad9eb79/modules/exploits/linux/local/blueman_set_dhcp_handler_dbus_priv_esc.rb
1
date_added null
description 
This module attempts to gain root privileges by exploiting a Python
          code injection vulnerability in blueman versions prior to 2.0.3.

          The `org.blueman.Mechanism.EnableNetwork` D-Bus interface exposes the
          `set_dhcp_handler` function which uses user input in a call to `eval`,
          without sanitization, resulting in arbitrary code execution as root.

          This module has been tested successfully with blueman version 1.23
          on Debian 8 Jessie (x64).
required_action null
due_date null
notes 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
known_ransomware_campaign_use false
source_date_published 2015-12-18
exploit_type null
platform Linux
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/linux/local/blueman_set_dhcp_handler_dbus_priv_esc.rb
Severity_range_score7.2 - 8.4
Exploitability2.0
Weighted_severity7.6
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-mk2k-55zf-duba