Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-j4ay-sffd-zbat

Summary Firejail before 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions need to be fulfilled: The jail (with the exploit code inside) needs to be started as root, and it also needs to be terminated as root from the host (either by stopping it ungracefully (e.g., SIGKILL), or by using the --shutdown control command). This is similar to CVE-2019-5736.

Aliases

alias	CVE-2019-12499

Fixed_packages

url	pkg:deb/debian/firejail@0.9.58.2-2?distro=trixie
purl	pkg:deb/debian/firejail@0.9.58.2-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.58.2-2%3Fdistro=trixie

url pkg:deb/debian/firejail@0.9.58.2-2%2Bdeb10u3

purl pkg:deb/debian/firejail@0.9.58.2-2%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-56sf-yfk6-1key

vulnerability	VCID-9auq-b7rs-5fe2

vulnerability	VCID-eud3-k24q-6ber

vulnerability	VCID-uzv4-9xtx-ryhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.58.2-2%252Bdeb10u3

url	pkg:deb/debian/firejail@0.9.64.4-2%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/firejail@0.9.64.4-2%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.64.4-2%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/firejail@0.9.72-2?distro=trixie
purl	pkg:deb/debian/firejail@0.9.72-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.72-2%3Fdistro=trixie

url	pkg:deb/debian/firejail@0.9.74-1?distro=trixie
purl	pkg:deb/debian/firejail@0.9.74-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.74-1%3Fdistro=trixie

url	pkg:deb/debian/firejail@0.9.80-1?distro=trixie
purl	pkg:deb/debian/firejail@0.9.80-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.80-1%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/firejail@0.9.44.8-2~bpo8%2B1

purl pkg:deb/debian/firejail@0.9.44.8-2~bpo8%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-56sf-yfk6-1key

vulnerability	VCID-9auq-b7rs-5fe2

vulnerability	VCID-eud3-k24q-6ber

vulnerability	VCID-j4ay-sffd-zbat

vulnerability	VCID-uzv4-9xtx-ryhr

vulnerability	VCID-wr4q-yy27-7qar

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.44.8-2~bpo8%252B1

url pkg:deb/debian/firejail@0.9.44.8-2

purl pkg:deb/debian/firejail@0.9.44.8-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-56sf-yfk6-1key

vulnerability	VCID-9auq-b7rs-5fe2

vulnerability	VCID-eud3-k24q-6ber

vulnerability	VCID-j4ay-sffd-zbat

vulnerability	VCID-uzv4-9xtx-ryhr

vulnerability	VCID-wr4q-yy27-7qar

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/firejail@0.9.44.8-2

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12499

reference_id

reference_type

scores

value	0.01341
scoring_system	epss
scoring_elements	0.79966
published_at	2026-04-01T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.79973
published_at	2026-04-02T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.79995
published_at	2026-04-04T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.79985
published_at	2026-04-07T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.80014
published_at	2026-04-08T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.80022
published_at	2026-04-09T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.80042
published_at	2026-04-11T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.80026
published_at	2026-04-12T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.80018
published_at	2026-04-13T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.80046
published_at	2026-04-18T12:55:00Z

value	0.01341
scoring_system	epss
scoring_elements	0.80048
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12499

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12499
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12499

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929733
reference_id	929733
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929733

Weaknesses

Exploits

Severity_range_score null

Exploitability 0.5

Weighted_severity 0.0

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j4ay-sffd-zbat

Vulnerability Instance