Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-8vpe-4asg-bqaa

Summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

Aliases

alias	CVE-2018-3295

Fixed_packages

url	pkg:deb/debian/virtualbox@5.2.20-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@5.2.20-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@5.2.20-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-3295

reference_id

reference_type

scores

value	0.11289
scoring_system	epss
scoring_elements	0.935
published_at	2026-04-02T12:55:00Z

value	0.11289
scoring_system	epss
scoring_elements	0.93543
published_at	2026-04-16T12:55:00Z

value	0.11289
scoring_system	epss
scoring_elements	0.93519
published_at	2026-04-09T12:55:00Z

value	0.11289
scoring_system	epss
scoring_elements	0.93524
published_at	2026-04-13T12:55:00Z

value	0.11289
scoring_system	epss
scoring_elements	0.93491
published_at	2026-04-01T12:55:00Z

value	0.11289
scoring_system	epss
scoring_elements	0.93508
published_at	2026-04-07T12:55:00Z

value	0.11289
scoring_system	epss
scoring_elements	0.93516
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-3295

reference_url

http://www.securitytracker.com/id/1041887

reference_id

1041887

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:15:53Z/

url

http://www.securitytracker.com/id/1041887

reference_url

http://www.securityfocus.com/bid/105619

reference_id

105619

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:15:53Z/

url

http://www.securityfocus.com/bid/105619

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8vpe-4asg-bqaa

Vulnerability Instance