Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-6v66-95ez-u7ev

Summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).

Aliases

alias	CVE-2019-2521

Fixed_packages

url	pkg:deb/debian/virtualbox@5.2.24-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@5.2.24-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@5.2.24-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid

Affected_packages

References

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:56:18Z/

url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-2521

reference_id

reference_type

scores

value	0.00136
scoring_system	epss
scoring_elements	0.33132
published_at	2026-05-14T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33116
published_at	2026-05-09T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33027
published_at	2026-05-11T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33052
published_at	2026-05-12T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33366
published_at	2026-04-01T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33504
published_at	2026-04-02T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33536
published_at	2026-04-04T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33377
published_at	2026-04-07T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33422
published_at	2026-04-08T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33456
published_at	2026-04-09T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.3346
published_at	2026-04-11T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33419
published_at	2026-04-12T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33395
published_at	2026-04-13T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33431
published_at	2026-04-16T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33406
published_at	2026-04-18T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33375
published_at	2026-04-21T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33219
published_at	2026-04-24T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33202
published_at	2026-04-26T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33122
published_at	2026-04-29T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33009
published_at	2026-05-05T12:55:00Z

value	0.00136
scoring_system	epss
scoring_elements	0.33078
published_at	2026-05-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-2521

reference_url

http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:56:18Z/

url

http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

reference_url

http://www.securityfocus.com/bid/106568

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:56:18Z/

url

http://www.securityfocus.com/bid/106568

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox::::::::
reference_id	cpe:2.3:a:oracle:vm_virtualbox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:6.0.0:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:6.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:6.0.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-2521

reference_id

CVE-2019-2521

reference_type

scores

value	4.4
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-2521

Weaknesses

Exploits

Severity_range_score 4.4 - 7.8

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6v66-95ez-u7ev

Vulnerability Instance