Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-9nw5-sjhs-qkcd
SummaryVulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.0.38 and Prior to 5.1.20. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
Aliases
0
alias CVE-2017-3563
Fixed_packages
0
url pkg:deb/debian/virtualbox@5.1.20-dfsg-1?distro=sid
purl pkg:deb/debian/virtualbox@5.1.20-dfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@5.1.20-dfsg-1%3Fdistro=sid
1
url pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid
2
url pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid
3
url pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid
purl pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3563
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43555
published_at 2026-05-14T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.4343
published_at 2026-05-05T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.43505
published_at 2026-05-07T12:55:00Z
3
value 0.00212
scoring_system epss
scoring_elements 0.43523
published_at 2026-05-09T12:55:00Z
4
value 0.00212
scoring_system epss
scoring_elements 0.4346
published_at 2026-05-11T12:55:00Z
5
value 0.00212
scoring_system epss
scoring_elements 0.4349
published_at 2026-05-12T12:55:00Z
6
value 0.00212
scoring_system epss
scoring_elements 0.43677
published_at 2026-04-01T12:55:00Z
7
value 0.00212
scoring_system epss
scoring_elements 0.43732
published_at 2026-04-12T12:55:00Z
8
value 0.00212
scoring_system epss
scoring_elements 0.43757
published_at 2026-04-04T12:55:00Z
9
value 0.00212
scoring_system epss
scoring_elements 0.43691
published_at 2026-04-07T12:55:00Z
10
value 0.00212
scoring_system epss
scoring_elements 0.43741
published_at 2026-04-08T12:55:00Z
11
value 0.00212
scoring_system epss
scoring_elements 0.43745
published_at 2026-04-09T12:55:00Z
12
value 0.00212
scoring_system epss
scoring_elements 0.43764
published_at 2026-04-11T12:55:00Z
13
value 0.00212
scoring_system epss
scoring_elements 0.43715
published_at 2026-04-13T12:55:00Z
14
value 0.00212
scoring_system epss
scoring_elements 0.43777
published_at 2026-04-16T12:55:00Z
15
value 0.00212
scoring_system epss
scoring_elements 0.43768
published_at 2026-04-18T12:55:00Z
16
value 0.00212
scoring_system epss
scoring_elements 0.437
published_at 2026-04-21T12:55:00Z
17
value 0.00212
scoring_system epss
scoring_elements 0.43637
published_at 2026-04-24T12:55:00Z
18
value 0.00212
scoring_system epss
scoring_elements 0.43642
published_at 2026-04-26T12:55:00Z
19
value 0.00212
scoring_system epss
scoring_elements 0.43559
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3563
1
reference_url https://www.exploit-db.com/exploits/41908/
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:17Z/
url https://www.exploit-db.com/exploits/41908/
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:17Z/
url http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
3
reference_url http://www.securityfocus.com/bid/97732
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:17Z/
url http://www.securityfocus.com/bid/97732
4
reference_url http://www.securitytracker.com/id/1038288
reference_id
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:17Z/
url http://www.securitytracker.com/id/1038288
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*
6
reference_url https://bugs.chromium.org/p/project-zero/issues/detail?id=1103
reference_id CVE-2017-3563
reference_type exploit
scores
url https://bugs.chromium.org/p/project-zero/issues/detail?id=1103
7
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86-64/local/41908.txt
reference_id CVE-2017-3563
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86-64/local/41908.txt
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-3563
reference_id CVE-2017-3563
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-3563
Weaknesses
0
cwe_id 295
name Improper Certificate Validation
description The product does not validate, or incorrectly validates, a certificate.
Exploits
0
date_added 2017-04-20
description Oracle VM VirtualBox 5.0.32 r112930 (x64) - Windows Process COM Injection Privilege Escalation
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2017-04-20
exploit_type local
platform windows_x86-64
source_date_updated 2017-04-25
data_source Exploit-DB
source_url https://bugs.chromium.org/p/project-zero/issues/detail?id=1103
Severity_range_score4.6 - 8.8
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-9nw5-sjhs-qkcd