{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/248617?format=json","vulnerability_id":"VCID-2r65-7mst-7ff7","summary":"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).","aliases":[{"alias":"CVE-2021-2321"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372103?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.20-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.20-1"},{"url":"http://public2.vulnerablecode.io/api/packages/942227?format=json","purl":"pkg:deb/debian/virtualbox@6.1.20-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@6.1.20-dfsg-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/942186?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059665?format=json","purl":"pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088739?format=json","purl":"pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372102?format=json","purl":"pkg:alpm/archlinux/virtualbox@6.1.18-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2r65-7mst-7ff7"},{"vulnerability":"VCID-3rtp-jbxr-1qey"},{"vulnerability":"VCID-4sk2-6fz1-6qd1"},{"vulnerability":"VCID-7b9u-tggy-gqej"},{"vulnerability":"VCID-7d2s-r3zf-u7ag"},{"vulnerability":"VCID-94zg-371b-qkdp"},{"vulnerability":"VCID-c7w5-yk8d-qkfb"},{"vulnerability":"VCID-cm61-d57b-1qhq"},{"vulnerability":"VCID-ctc7-nx1g-quh9"},{"vulnerability":"VCID-e7tk-fpb8-yugw"},{"vulnerability":"VCID-f8a4-p5xx-sqab"},{"vulnerability":"VCID-fuce-smna-wych"},{"vulnerability":"VCID-gguv-hvra-23ff"},{"vulnerability":"VCID-mtk7-rr3s-1ua6"},{"vulnerability":"VCID-puye-vcas-s7dv"},{"vulnerability":"VCID-qbjr-mw28-9ufu"},{"vulnerability":"VCID-t3m7-zvcc-3qar"},{"vulnerability":"VCID-u1n4-8wg1-cfea"},{"vulnerability":"VCID-xh4p-m9fs-y3eb"},{"vulnerability":"VCID-y4xt-atn4-g7bv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/virtualbox@6.1.18-2"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2321","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36214","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36121","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36144","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36539","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36711","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36742","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.3658","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36651","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36659","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36624","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36599","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36645","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36628","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36568","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36344","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36315","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36228","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36111","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36181","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36208","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2321"},{"reference_url":"https://security.archlinux.org/ASA-202104-9","reference_id":"ASA-202104-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202104-9"},{"reference_url":"https://security.archlinux.org/AVG-1846","reference_id":"AVG-1846","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1846"}],"weaknesses":[],"exploits":[],"severity_range_score":"6.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2r65-7mst-7ff7"}