Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1035583?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1035583?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5", "type": "deb", "namespace": "debian", "name": "libxml2", "version": "2.9.1+dfsg1-5", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.15.1+dfsg-2", "latest_non_vulnerable_version": "2.15.1+dfsg-2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69445?format=api", "vulnerability_id": "VCID-27jd-t23h-73f4", "summary": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6021.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6021.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6021", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73272", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73267", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73295", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02116", "scoring_system": "epss", "scoring_elements": "0.84123", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02116", "scoring_system": "epss", "scoring_elements": "0.84109", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02116", "scoring_system": "epss", "scoring_elements": "0.84115", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02116", "scoring_system": "epss", "scoring_elements": "0.84133", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02116", "scoring_system": "epss", "scoring_elements": "0.84127", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6021" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107720", "reference_id": "1107720", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406", "reference_id": "2372406", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926", "reference_id": "926", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926" }, { "reference_url": "https://security.archlinux.org/AVG-2899", "reference_id": "AVG-2899", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2899" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9", "reference_id": "cpe:/a:redhat:discovery:2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1", "reference_id": "cpe:/a:redhat:jboss_core_services:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8", "reference_id": "cpe:/a:redhat:openshift:4.12::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9", "reference_id": "cpe:/a:redhat:openshift:4.13::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8", "reference_id": "cpe:/a:redhat:openshift:4.14::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9", "reference_id": "cpe:/a:redhat:openshift:4.14::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9", "reference_id": "cpe:/a:redhat:openshift:4.15::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9", "reference_id": "cpe:/a:redhat:openshift:4.16::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9", "reference_id": "cpe:/a:redhat:openshift:4.17::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9", "reference_id": "cpe:/a:redhat:openshift:4.18::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9", "reference_id": "cpe:/a:redhat:openshift:4.19::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-6021", "reference_id": "CVE-2025-6021", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-6021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10630", "reference_id": "RHSA-2025:10630", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10698", "reference_id": "RHSA-2025:10698", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10699", "reference_id": "RHSA-2025:10699", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11580", "reference_id": "RHSA-2025:11580", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11673", "reference_id": "RHSA-2025:11673", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12098", "reference_id": "RHSA-2025:12098", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12099", "reference_id": "RHSA-2025:12099", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12199", "reference_id": "RHSA-2025:12199", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12237", "reference_id": "RHSA-2025:12237", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12239", "reference_id": "RHSA-2025:12239", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12240", "reference_id": "RHSA-2025:12240", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12241", "reference_id": "RHSA-2025:12241", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13289", "reference_id": "RHSA-2025:13289", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13325", "reference_id": "RHSA-2025:13325", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13335", "reference_id": "RHSA-2025:13335", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13336", "reference_id": "RHSA-2025:13336", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14059", "reference_id": "RHSA-2025:14059", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:14059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14396", "reference_id": "RHSA-2025:14396", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:14396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15308", "reference_id": "RHSA-2025:15308", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15672", "reference_id": "RHSA-2025:15672", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19020", "reference_id": "RHSA-2025:19020", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19020" }, { "reference_url": "https://usn.ubuntu.com/7694-1/", "reference_id": "USN-7694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-6021" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-27jd-t23h-73f4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7237?format=api", "vulnerability_id": "VCID-2b1g-gp84-87e8", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlGROW function in parser.c in libxml2 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7499.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7499.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01577", "scoring_system": "epss", "scoring_elements": "0.81559", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01577", "scoring_system": "epss", "scoring_elements": "0.81487", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01577", "scoring_system": "epss", "scoring_elements": "0.81499", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01577", "scoring_system": "epss", "scoring_elements": "0.81521", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01577", "scoring_system": "epss", "scoring_elements": "0.81518", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01577", "scoring_system": "epss", "scoring_elements": "0.81546", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01577", "scoring_system": "epss", "scoring_elements": "0.81552", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01577", "scoring_system": "epss", "scoring_elements": "0.81572", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7499" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281925", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281925" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da" }, { "reference_url": "https://github.com/advisories/GHSA-jxjr-5h69-qw3w", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jxjr-5h69-qw3w" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-7499.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-7499.yml" }, { "reference_url": "https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" }, { "reference_url": "https://support.apple.com/HT206166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206166" }, { "reference_url": "https://support.apple.com/HT206167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206167" }, { "reference_url": "https://support.apple.com/HT206168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206168" }, { "reference_url": "https://support.apple.com/HT206169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206169" }, { "reference_url": "https://web.archive.org/web/20210724022841/http://www.securityfocus.com/bid/79509", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210724022841/http://www.securityfocus.com/bid/79509" }, { "reference_url": "https://web.archive.org/web/20211205133229/https://securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211205133229/https://securitytracker.com/id/1034243" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/79509", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/79509" }, { "reference_url": "http://www.securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034243" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2834-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-2834-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7499", "reference_id": "CVE-2015-7499", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7499" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" }, { "reference_url": "https://usn.ubuntu.com/2875-1/", "reference_id": "USN-2875-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2875-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-7499", "GHSA-jxjr-5h69-qw3w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2b1g-gp84-87e8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7361?format=api", "vulnerability_id": "VCID-2j62-5rjn-vyeu", "summary": "Uncontrolled Resource Consumption\ndict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the \"<!DOCTYPE html\" substring in a crafted HTML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8806.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8806.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06052", "scoring_system": "epss", "scoring_elements": "0.9071", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06052", "scoring_system": "epss", "scoring_elements": "0.90694", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06052", "scoring_system": "epss", "scoring_elements": "0.90743", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06052", "scoring_system": "epss", "scoring_elements": "0.90746", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06052", "scoring_system": "epss", "scoring_elements": "0.90737", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06052", "scoring_system": "epss", "scoring_elements": "0.90731", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06052", "scoring_system": "epss", "scoring_elements": "0.9072", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06052", "scoring_system": "epss", "scoring_elements": "0.90699", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8806" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=749115", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=749115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-8806.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-8806.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/commit/03d402212707bd5dfa0a21b7de5e91a7f9d90028", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/sparklemotion/nokogiri/commit/03d402212707bd5dfa0a21b7de5e91a7f9d90028" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1473", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1473" }, { "reference_url": "https://mail.gnome.org/archives/xml/2016-May/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mail.gnome.org/archives/xml/2016-May/msg00023.html" }, { "reference_url": "https://web.archive.org/web/20160928171015/http://www.securityfocus.com/bid/82071", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160928171015/http://www.securityfocus.com/bid/82071" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/02/03/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/02/03/5" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.securityfocus.com/bid/82071", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/82071" }, { "reference_url": "http://www.ubuntu.com/usn/usn-2994-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-2994-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1304636", "reference_id": "1304636", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1304636" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813613", "reference_id": "813613", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813613" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8806", "reference_id": "CVE-2015-8806", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8806" }, { "reference_url": "https://github.com/advisories/GHSA-7hp2-xwpj-95jq", "reference_id": "GHSA-7hp2-xwpj-95jq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7hp2-xwpj-95jq" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8806", "GHSA-7hp2-xwpj-95jq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2j62-5rjn-vyeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71841?format=api", "vulnerability_id": "VCID-31w8-13b6-8beh", "summary": "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46331", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46361", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.463", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46355", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46356", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46379", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46351", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46352", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098321", "reference_id": "1098321", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098321" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346421", "reference_id": "2346421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346421" }, { "reference_url": "https://issues.oss-fuzz.com/issues/392687022", "reference_id": "392687022", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T03:55:31Z/" } ], "url": "https://issues.oss-fuzz.com/issues/392687022" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847", "reference_id": "847", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T03:55:31Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2482", "reference_id": "RHSA-2025:2482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2483", "reference_id": "RHSA-2025:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2507", "reference_id": "RHSA-2025:2507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2513", "reference_id": "RHSA-2025:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2654", "reference_id": "RHSA-2025:2654", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2654" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2660", "reference_id": "RHSA-2025:2660", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2660" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2673", "reference_id": "RHSA-2025:2673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2678", "reference_id": "RHSA-2025:2678", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2678" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2679", "reference_id": "RHSA-2025:2679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2686", "reference_id": "RHSA-2025:2686", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2686" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2789", "reference_id": "RHSA-2025:2789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3055", "reference_id": "RHSA-2025:3055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3368", "reference_id": "RHSA-2025:3368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3397", "reference_id": "RHSA-2025:3397", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3397" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3453", "reference_id": "RHSA-2025:3453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3569", "reference_id": "RHSA-2025:3569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3775", "reference_id": "RHSA-2025:3775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3780", "reference_id": "RHSA-2025:3780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3867", "reference_id": "RHSA-2025:3867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4005", "reference_id": "RHSA-2025:4005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9895", "reference_id": "RHSA-2025:9895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9895" }, { "reference_url": "https://usn.ubuntu.com/7302-1/", "reference_id": "USN-7302-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7302-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-24928" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-31w8-13b6-8beh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7253?format=api", "vulnerability_id": "VCID-33n1-125n-63h6", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseMisc function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7500.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7500.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81032", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.80969", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.80978", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81002", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81029", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81035", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81052", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01486", "scoring_system": "epss", "scoring_elements": "0.81039", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" }, { "reference_url": "https://support.apple.com/HT206166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206166" }, { "reference_url": "https://support.apple.com/HT206167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206167" }, { "reference_url": "https://support.apple.com/HT206168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206168" }, { "reference_url": "https://support.apple.com/HT206169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206169" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/79562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/79562" }, { "reference_url": "http://www.securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034243" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2834-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2834-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281943", "reference_id": "1281943", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281943" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7500", "reference_id": "CVE-2015-7500", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7500" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-7500" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-33n1-125n-63h6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7247?format=api", "vulnerability_id": "VCID-3d1e-enaq-q3cx", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 allows context-dependent attackers to cause a denial of service via unspecified vectors.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7497.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7497.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86699", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86637", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86647", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86667", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86666", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86685", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86695", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86708", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03052", "scoring_system": "epss", "scoring_elements": "0.86705", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/79508", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/79508" }, { "reference_url": "http://www.securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034243" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2834-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2834-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281862", "reference_id": "1281862", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281862" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7497", "reference_id": "CVE-2015-7497", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7497" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-7497" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3d1e-enaq-q3cx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7205?format=api", "vulnerability_id": "VCID-3s4n-twju-b3dw", "summary": "Uncontrolled Resource Consumption\nThe xz_decomp function in xzlib.c in libxml2 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8035.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8035.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.77793", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.77787", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.77821", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01104", "scoring_system": "epss", "scoring_elements": "0.78079", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01104", "scoring_system": "epss", "scoring_elements": "0.781", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01104", "scoring_system": "epss", "scoring_elements": "0.78083", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01104", "scoring_system": "epss", "scoring_elements": "0.78043", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01104", "scoring_system": "epss", "scoring_elements": "0.78069", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01104", "scoring_system": "epss", "scoring_elements": "0.78073", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8035" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=757466", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=757466" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" }, { "reference_url": "https://support.apple.com/HT206166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206166" }, { "reference_url": "https://support.apple.com/HT206167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206167" }, { "reference_url": "https://support.apple.com/HT206168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206168" }, { "reference_url": "https://support.apple.com/HT206169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206169" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/02/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/02/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/02/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/02/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/03/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/03/1" }, { "reference_url": "http://www.securityfocus.com/bid/77390", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77390" }, { "reference_url": "http://www.securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034243" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2812-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2812-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", "reference_id": "1277146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1277146" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803942", "reference_id": "803942", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803942" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", "reference_id": "CVE-2015-8035", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8035" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1190", "reference_id": "RHSA-2020:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1190" }, { "reference_url": "https://usn.ubuntu.com/2812-1/", "reference_id": "USN-2812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8035" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3s4n-twju-b3dw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61905?format=api", "vulnerability_id": "VCID-3whx-6t3e-7beq", "summary": "Multiple vulnerabilities have been found in libxml2, the worst of\n which could result in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5969.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5969.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86361", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86426", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.8642", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86434", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86432", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86372", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86389", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86391", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.8641", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5969" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=778519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=778519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5969" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html" }, { "reference_url": "https://security.gentoo.org/glsa/201711-01", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201711-01" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/11/05/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/11/05/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/02/13/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/02/13/1" }, { "reference_url": "http://www.securityfocus.com/bid/96188", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96188" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1421996", "reference_id": "1421996", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1421996" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855001", "reference_id": "855001", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855001" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5969", "reference_id": "CVE-2017-5969", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" }, { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5969" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-5969" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3whx-6t3e-7beq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69443?format=api", "vulnerability_id": "VCID-464a-typa-7qbu", "summary": "libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6170.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6170.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6170", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10121", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10061", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10087", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09984", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10161", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10028", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30654", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30698", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6170" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6170" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107938", "reference_id": "1107938", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107938" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372952", "reference_id": "2372952", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:05:03Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372952" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/941", "reference_id": "941", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:05:03Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/941" }, { "reference_url": "https://security.archlinux.org/AVG-2898", "reference_id": "AVG-2898", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2898" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1", "reference_id": "cpe:/a:redhat:jboss_core_services:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-6170", "reference_id": "CVE-2025-6170", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:05:03Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-6170" }, { "reference_url": "https://usn.ubuntu.com/7694-1/", "reference_id": "USN-7694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-6170" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-464a-typa-7qbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8801?format=api", "vulnerability_id": "VCID-4hws-gtxr-3bge", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nBuffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7376.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7376.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38432", "scoring_system": "epss", "scoring_elements": "0.97211", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.38432", "scoring_system": "epss", "scoring_elements": "0.97239", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.38432", "scoring_system": "epss", "scoring_elements": "0.97237", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.38432", "scoring_system": "epss", "scoring_elements": "0.97238", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.38432", "scoring_system": "epss", "scoring_elements": "0.97216", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.38432", "scoring_system": "epss", "scoring_elements": "0.97222", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.38432", "scoring_system": "epss", "scoring_elements": "0.97223", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.38432", "scoring_system": "epss", "scoring_elements": "0.97233", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.38432", "scoring_system": "epss", "scoring_elements": "0.97234", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" }, { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462216", "reference_id": "1462216", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462216" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870865", "reference_id": "870865", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870865" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7376", "reference_id": "CVE-2017-7376", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7376" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-7376" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4hws-gtxr-3bge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9028?format=api", "vulnerability_id": "VCID-4m3j-qy8c-4uhk", "summary": "NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2309.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2309.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2309", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00868", "scoring_system": "epss", "scoring_elements": "0.75167", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00868", "scoring_system": "epss", "scoring_elements": "0.75189", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00868", "scoring_system": "epss", "scoring_elements": "0.75168", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00868", "scoring_system": "epss", "scoring_elements": "0.75155", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00868", "scoring_system": "epss", "scoring_elements": "0.75121", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00868", "scoring_system": "epss", "scoring_elements": "0.75144", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00868", "scoring_system": "epss", "scoring_elements": "0.75114", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2309" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-wrxv-2j5q-m38w", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wrxv-2j5q-m38w" }, { "reference_url": "https://github.com/lxml/lxml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/lxml/lxml" }, { "reference_url": "https://github.com/lxml/lxml/blob/master/CHANGES.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/lxml/lxml/blob/master/CHANGES.txt" }, { "reference_url": "https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2022-230.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2022-230.yaml" }, { "reference_url": "https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00021.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2309", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2309" }, { "reference_url": "https://security.gentoo.org/glsa/202208-06", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202208-06" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220915-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220915-0006" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014766", "reference_id": "1014766", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014766" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039991", "reference_id": "1039991", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039991" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107571", "reference_id": "2107571", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8226", "reference_id": "RHSA-2022:8226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8226" }, { "reference_url": "https://usn.ubuntu.com/5760-1/", "reference_id": "USN-5760-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5760-1/" }, { "reference_url": "https://usn.ubuntu.com/6028-2/", "reference_id": "USN-6028-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6028-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2022-2309", "GHSA-wrxv-2j5q-m38w", "PYSEC-2022-230" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4m3j-qy8c-4uhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7392?format=api", "vulnerability_id": "VCID-51f2-w9b7-9fb4", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1840.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1840.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02142", "scoring_system": "epss", "scoring_elements": "0.84146", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02142", "scoring_system": "epss", "scoring_elements": "0.84217", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02142", "scoring_system": "epss", "scoring_elements": "0.84226", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02142", "scoring_system": "epss", "scoring_elements": "0.8422", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02142", "scoring_system": "epss", "scoring_elements": "0.8416", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02142", "scoring_system": "epss", "scoring_elements": "0.84178", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02142", "scoring_system": "epss", "scoring_elements": "0.8418", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02142", "scoring_system": "epss", "scoring_elements": "0.84201", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02142", "scoring_system": "epss", "scoring_elements": "0.84208", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1840" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=757711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=757711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=cbb271655cadeb8dbb258a64701d9a3a0c4835b4", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=cbb271655cadeb8dbb258a64701d9a3a0c4835b4" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://support.apple.com/HT206564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206564" }, { "reference_url": "https://support.apple.com/HT206566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206566" }, { "reference_url": "https://support.apple.com/HT206567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206567" }, { "reference_url": "https://support.apple.com/HT206568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206568" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/90691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90691" }, { "reference_url": "http://www.securitytracker.com/id/1035890", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035890" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338706", "reference_id": "1338706", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338706" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1840", "reference_id": "CVE-2016-1840", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1840" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1840" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-51f2-w9b7-9fb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8761?format=api", "vulnerability_id": "VCID-57yv-ay7b-v7ev", "summary": "Out-of-bounds Write\nAn integer overflow in xmlmemory.c in libxml2, as used in Google Chrome and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5130.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5130.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5130", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78627", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78576", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78583", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78614", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78596", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78621", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78628", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78652", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78634", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5130" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101482", "reference_id": "101482", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "http://www.securityfocus.com/bid/101482" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503537", "reference_id": "1503537", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503537" }, { "reference_url": "https://crbug.com/722079", "reference_id": "722079", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "https://crbug.com/722079" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880000", "reference_id": "880000", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880000" }, { "reference_url": "https://security.archlinux.org/ASA-201710-27", "reference_id": "ASA-201710-27", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-27" }, { "reference_url": "https://security.archlinux.org/AVG-456", "reference_id": "AVG-456", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-456" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5130", "reference_id": "CVE-2017-5130", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5130" }, { "reference_url": "https://security.gentoo.org/glsa/201710-24", "reference_id": "GLSA-201710-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "https://security.gentoo.org/glsa/201710-24" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed", "reference_id": "?id=897dffbae322b46b83f99a607d527058a72c51ed", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html", "reference_id": "msg00034.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2997", "reference_id": "RHSA-2017:2997", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2997" }, { "reference_url": "http://bugzilla.gnome.org/show_bug.cgi?id=783026", "reference_id": "show_bug.cgi?id=783026", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "http://bugzilla.gnome.org/show_bug.cgi?id=783026" }, { "reference_url": "https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-5130" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-57yv-ay7b-v7ev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7025?format=api", "vulnerability_id": "VCID-69ff-ngna-mkbv", "summary": "Uncontrolled Resource Consumption\nparser.c in libxml2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the \"billion laughs\" attack.", "references": [ { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "reference_id": "", "reference_type": "", "scores": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1655.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1655.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1885.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1885.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3660.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3660.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3660", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04342", "scoring_system": "epss", "scoring_elements": "0.88935", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04342", "scoring_system": "epss", "scoring_elements": "0.88936", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04342", "scoring_system": "epss", "scoring_elements": "0.8888", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04342", "scoring_system": "epss", "scoring_elements": "0.88888", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04342", "scoring_system": "epss", "scoring_elements": "0.88903", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04342", "scoring_system": "epss", "scoring_elements": "0.88905", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04342", "scoring_system": "epss", "scoring_elements": "0.88924", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04342", "scoring_system": "epss", "scoring_elements": "0.88929", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04342", "scoring_system": "epss", "scoring_elements": "0.88941", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3660" }, { "reference_url": "https://bugzilla.redhat.com/attachment.cgi?id=944444&action=diff", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/attachment.cgi?id=944444&action=diff" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660" }, { "reference_url": "http://secunia.com/advisories/59903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59903" }, { "reference_url": "http://secunia.com/advisories/61965", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61965" }, { "reference_url": "http://secunia.com/advisories/61966", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61966" }, { "reference_url": "http://secunia.com/advisories/61991", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61991" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.apple.com/kb/HT205030", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT205030" }, { "reference_url": "https://support.apple.com/kb/HT205031", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/kb/HT205031" }, { "reference_url": "https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html" }, { "reference_url": "http://www.debian.org/security/2014/dsa-3057", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2014/dsa-3057" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:244", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:244" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/10/17/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/10/17/7" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/70644", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/70644" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2389-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2389-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1149084", "reference_id": "1149084", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1149084" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765722", "reference_id": "765722", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765722" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.5.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.9.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3660", "reference_id": "CVE-2014-3660", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3660" }, { "reference_url": "https://security.gentoo.org/glsa/201412-06", "reference_id": "GLSA-201412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1655", "reference_id": "RHSA-2014:1655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1885", "reference_id": "RHSA-2014:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1885" }, { "reference_url": "https://usn.ubuntu.com/2389-1/", "reference_id": "USN-2389-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2389-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2014-3660" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-69ff-ngna-mkbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7206?format=api", "vulnerability_id": "VCID-6h9f-6pmg-3fh3", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nlibxml2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7941.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7941.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00492", "scoring_system": "epss", "scoring_elements": "0.65587", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00492", "scoring_system": "epss", "scoring_elements": "0.65538", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00492", "scoring_system": "epss", "scoring_elements": "0.65617", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67784", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67833", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.6782", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67744", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67795", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67809", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7941" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=744980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=744980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/10/22/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/10/22/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/10/22/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/10/22/8" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/74241", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/74241" }, { "reference_url": "http://www.securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034243" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2812-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2812-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274222", "reference_id": "1274222", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274222" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783010", "reference_id": "783010", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783010" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7941", "reference_id": "CVE-2015-7941", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7941" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2812-1/", "reference_id": "USN-2812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-7941" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6h9f-6pmg-3fh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69455?format=api", "vulnerability_id": "VCID-74y5-vcxn-2ygr", "summary": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49794.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49794.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49794", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31508", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31549", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31368", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31421", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31452", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31455", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63434", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63469", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49794" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107755", "reference_id": "1107755", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107755" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373", "reference_id": "2372373", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931", "reference_id": "931", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931" }, { "reference_url": "https://security.archlinux.org/AVG-2898", "reference_id": "AVG-2898", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2898" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9", "reference_id": "cpe:/a:redhat:cert_manager:1.16::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1", "reference_id": "cpe:/a:redhat:jboss_core_services:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8", "reference_id": "cpe:/a:redhat:openshift:4.12::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9", "reference_id": "cpe:/a:redhat:openshift:4.13::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9", "reference_id": "cpe:/a:redhat:openshift:4.14::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9", "reference_id": "cpe:/a:redhat:openshift:4.17::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9", "reference_id": "cpe:/a:redhat:openshift:4.18::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9", "reference_id": "cpe:/a:redhat:openshift:4.19::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9", "reference_id": "cpe:/a:redhat:openshift:4.20::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_file_integrity_operator:1::el9", "reference_id": "cpe:/a:redhat:openshift_file_integrity_operator:1::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_file_integrity_operator:1::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8", "reference_id": "cpe:/a:redhat:openshift_serverless:1.36::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9", "reference_id": "cpe:/a:redhat:webterminal:1.11::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9", "reference_id": "cpe:/a:redhat:webterminal:1.12::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-49794", "reference_id": "CVE-2025-49794", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-49794" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10630", "reference_id": "RHSA-2025:10630", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10698", "reference_id": "RHSA-2025:10698", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10699", "reference_id": "RHSA-2025:10699", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11580", "reference_id": "RHSA-2025:11580", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12098", "reference_id": "RHSA-2025:12098", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12099", "reference_id": "RHSA-2025:12099", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12199", "reference_id": "RHSA-2025:12199", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12237", "reference_id": "RHSA-2025:12237", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12239", "reference_id": "RHSA-2025:12239", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12240", "reference_id": "RHSA-2025:12240", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12241", "reference_id": "RHSA-2025:12241", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13335", "reference_id": "RHSA-2025:13335", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15827", "reference_id": "RHSA-2025:15827", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15828", "reference_id": "RHSA-2025:15828", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19020", "reference_id": "RHSA-2025:19020", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21913", "reference_id": "RHSA-2025:21913", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21913" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7694-1/", "reference_id": "USN-7694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-49794" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-74y5-vcxn-2ygr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58841?format=api", "vulnerability_id": "VCID-782a-uast-nbch", "summary": "Multiple vulnerabilities have been found in libxml2, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20388.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20388.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69892", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69869", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69805", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69863", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69877", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.69853", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70272", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70255", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70243", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20388" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799734", "reference_id": "1799734", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799734" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/", "reference_id": "545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/", "reference_id": "5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68", "reference_id": "68", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949583", "reference_id": "949583", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949583" }, { "reference_url": "https://security.archlinux.org/ASA-202011-15", "reference_id": "ASA-202011-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-15" }, { "reference_url": "https://security.archlinux.org/AVG-1263", "reference_id": "AVG-1263", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1263" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20388", "reference_id": "CVE-2019-20388", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20388" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/", "reference_id": "JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2644", "reference_id": "RHSA-2020:2644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2646", "reference_id": "RHSA-2020:2646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3996", "reference_id": "RHSA-2020:3996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4479", "reference_id": "RHSA-2020:4479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2019-20388" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-782a-uast-nbch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44699?format=api", "vulnerability_id": "VCID-7bpp-2hvk-2udv", "summary": "Multiple vulnerabilities have been found in libxml2, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00036.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00036.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00061.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00061.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24977.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66024", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.65987", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66036", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66048", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66067", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66054", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66619", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66645", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.6658", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24977" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/178" }, { "reference_url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NQ5GTDYOVH26PBCPYXXMGW5ZZXWMGZC/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NQ5GTDYOVH26PBCPYXXMGW5ZZXWMGZC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KTUAGDLEHTH6HU66HBFAFTSQ3OKRAN3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KTUAGDLEHTH6HU66HBFAFTSQ3OKRAN3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/674LQPJO2P2XTBTREFR5LOZMBTZ4PZAY/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/674LQPJO2P2XTBTREFR5LOZMBTZ4PZAY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KQXOHIE3MNY3VQXEN7LDQUJNIHOVHAW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KQXOHIE3MNY3VQXEN7LDQUJNIHOVHAW/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ENEHQIBMSI6TZVS35Y6I4FCTYUQDLJVP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ENEHQIBMSI6TZVS35Y6I4FCTYUQDLJVP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H3IQ7OQXBKWD3YP7HO6KCNOMLE5ZO2IR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H3IQ7OQXBKWD3YP7HO6KCNOMLE5ZO2IR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3ICASXZI2UQYFJAOQWHSTNWGED3VXOE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3ICASXZI2UQYFJAOQWHSTNWGED3VXOE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCHXIWR5DHYO3RSO7RAHEC6VJKXD2EH2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCHXIWR5DHYO3RSO7RAHEC6VJKXD2EH2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7MEWYKIKMV2SKMGH4IDWVU3ZGJXBCPQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7MEWYKIKMV2SKMGH4IDWVU3ZGJXBCPQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RIQAMBA2IJUTQG5VOP5LZVIZRNCKXHEQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RIQAMBA2IJUTQG5VOP5LZVIZRNCKXHEQ/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200924-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200924-0001/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1877788", "reference_id": "1877788", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1877788" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969529", "reference_id": "969529", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969529" }, { "reference_url": "https://security.archlinux.org/ASA-202011-15", "reference_id": "ASA-202011-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-15" }, { "reference_url": "https://security.archlinux.org/AVG-1263", "reference_id": "AVG-1263", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1263" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24977", "reference_id": "CVE-2020-24977", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24977" }, { "reference_url": "https://security.gentoo.org/glsa/202107-05", "reference_id": "GLSA-202107-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1597", "reference_id": "RHSA-2021:1597", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1597" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2020-24977" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7bpp-2hvk-2udv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7398?format=api", "vulnerability_id": "VCID-7h3p-7ej2-17f1", "summary": "Out-of-bounds Read\nThe xmlDictAddString function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1839.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10773", "scoring_system": "epss", "scoring_elements": "0.93343", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.10773", "scoring_system": "epss", "scoring_elements": "0.93344", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.10773", "scoring_system": "epss", "scoring_elements": "0.93342", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.10773", "scoring_system": "epss", "scoring_elements": "0.93312", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.10773", "scoring_system": "epss", "scoring_elements": "0.93321", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.10773", "scoring_system": "epss", "scoring_elements": "0.93327", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.10773", "scoring_system": "epss", "scoring_elements": "0.93326", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.10773", "scoring_system": "epss", "scoring_elements": "0.93335", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.10773", "scoring_system": "epss", "scoring_elements": "0.9334", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1839" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=758605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=758605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://support.apple.com/HT206564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206564" }, { "reference_url": "https://support.apple.com/HT206566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206566" }, { "reference_url": "https://support.apple.com/HT206567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206567" }, { "reference_url": "https://support.apple.com/HT206568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206568" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/90691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90691" }, { "reference_url": "http://www.securitytracker.com/id/1035890", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035890" }, { "reference_url": "http://www.securitytracker.com/id/1038623", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038623" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338703", "reference_id": "1338703", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338703" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://code.google.com/p/google-security-research/issues/detail?id=637", "reference_id": "CVE-2016-1839", "reference_type": "exploit", "scores": [], "url": "https://code.google.com/p/google-security-research/issues/detail?id=637" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39491.txt", "reference_id": "CVE-2016-1839", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39491.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1839", "reference_id": "CVE-2016-1839", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1839" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1839" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7h3p-7ej2-17f1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7246?format=api", "vulnerability_id": "VCID-7rzw-9jj5-4ybk", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlNextChar function in libxml2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8241.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8241.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76988", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76993", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76926", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76932", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76962", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76944", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76976", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76987", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.77014", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8241" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=756263", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=756263" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/17/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/17/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/18/23", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/18/23" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/77621", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77621" }, { "reference_url": "http://www.securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034243" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2834-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2834-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281936", "reference_id": "1281936", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806384", "reference_id": "806384", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806384" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8241", "reference_id": "CVE-2015-8241", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8241" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7rzw-9jj5-4ybk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76431?format=api", "vulnerability_id": "VCID-8d2w-3c3p-zqaz", "summary": "libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34459.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34459.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34459", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.73676", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.73635", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.73659", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.73632", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.73667", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.7368", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.73702", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.73685", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34459" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071162", "reference_id": "1071162", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071162" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280532", "reference_id": "2280532", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280532" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", "reference_id": "5HVUXKYTBWT3G5DEEQX62STJQBY367NL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", "reference_id": "INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/" }, { "reference_url": "https://usn.ubuntu.com/7240-1/", "reference_id": "USN-7240-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7240-1/" }, { "reference_url": "https://usn.ubuntu.com/7302-1/", "reference_id": "USN-7302-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7302-1/" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", "reference_id": "v2.11.8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", "reference_id": "v2.12.7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", "reference_id": "VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2024-34459" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8d2w-3c3p-zqaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8804?format=api", "vulnerability_id": "VCID-8tej-h12t-2fag", "summary": "Improper Restriction of XML External Entity Reference\nA flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7375.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7375.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.48823", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.48754", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.48793", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.48818", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.48773", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.48827", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.48824", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.48841", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00255", "scoring_system": "epss", "scoring_elements": "0.48815", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462203", "reference_id": "1462203", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462203" }, { "reference_url": "https://source.android.com/security/bulletin/2017-06-01", "reference_id": "2017-06-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "reference_url": "https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa", "reference_id": "308396a55280f69ad4112d4f9892f4cbeff042aa", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870867", "reference_id": "870867", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870867" }, { "reference_url": "http://www.securityfocus.com/bid/98877", "reference_id": "98877", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "http://www.securityfocus.com/bid/98877" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7375", "reference_id": "CVE-2017-7375", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7375" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3952", "reference_id": "dsa-3952", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "https://www.debian.org/security/2017/dsa-3952" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e", "reference_id": "?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-7375" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8tej-h12t-2fag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44704?format=api", "vulnerability_id": "VCID-9hqf-12yh-bkc8", "summary": "Multiple vulnerabilities have been found in libxml2, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3518.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3518.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3518", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48398", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48386", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48412", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48388", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48394", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48339", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49056", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.49118", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00257", "scoring_system": "epss", "scoring_elements": "0.4909", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3518" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954242", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954242" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Jul/54", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2021/Jul/54" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Jul/55", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2021/Jul/55" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Jul/58", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2021/Jul/58" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Jul/59", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2021/Jul/59" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3518.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3518.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/" }, { "reference_url": "https://nokogiri.org/CHANGELOG.html#1114-2021-05-14", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nokogiri.org/CHANGELOG.html#1114-2021-05-14" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3518", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3518" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210625-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210625-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210625-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210625-0002/" }, { "reference_url": "https://support.apple.com/kb/HT212601", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/kb/HT212601" }, { "reference_url": "https://support.apple.com/kb/HT212602", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/kb/HT212602" }, { "reference_url": "https://support.apple.com/kb/HT212604", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/kb/HT212604" }, { "reference_url": "https://support.apple.com/kb/HT212605", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/kb/HT212605" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987737", "reference_id": "987737", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987737" }, { "reference_url": "https://security.archlinux.org/AVG-1883", "reference_id": "AVG-1883", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1883" }, { "reference_url": "https://github.com/advisories/GHSA-v4f8-2847-rwm7", "reference_id": "GHSA-v4f8-2847-rwm7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v4f8-2847-rwm7" }, { "reference_url": "https://security.gentoo.org/glsa/202107-05", "reference_id": "GLSA-202107-05", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202107-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2569", "reference_id": "RHSA-2021:2569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3518", "GHSA-v4f8-2847-rwm7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9hqf-12yh-bkc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7243?format=api", "vulnerability_id": "VCID-9p2f-ynzb-r3gj", "summary": "Vulnerabilities in libxml2\nSeveral vulnerabilities were discovered in the libxml2 library that this package gem depends on.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5312.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5312.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00966", "scoring_system": "epss", "scoring_elements": "0.76575", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00966", "scoring_system": "epss", "scoring_elements": "0.76518", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00966", "scoring_system": "epss", "scoring_elements": "0.76523", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00966", "scoring_system": "epss", "scoring_elements": "0.76552", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00966", "scoring_system": "epss", "scoring_elements": "0.76534", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00966", "scoring_system": "epss", "scoring_elements": "0.76566", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00966", "scoring_system": "epss", "scoring_elements": "0.76577", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00966", "scoring_system": "epss", "scoring_elements": "0.76603", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00966", "scoring_system": "epss", "scoring_elements": "0.76582", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5312" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-5312.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-5312.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/pull/1378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/sparklemotion/nokogiri/pull/1378" }, { "reference_url": "https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" }, { "reference_url": "https://support.apple.com/HT206166", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206166" }, { "reference_url": "https://support.apple.com/HT206167", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206167" }, { "reference_url": "https://support.apple.com/HT206168", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206168" }, { "reference_url": "https://support.apple.com/HT206169", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206169" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/79536", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/79536" }, { "reference_url": "http://www.securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034243" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2834-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-2834-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5312", "reference_id": "CVE-2015-5312", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5312" }, { "reference_url": "https://github.com/advisories/GHSA-xjqg-9jvg-fgx2", "reference_id": "GHSA-xjqg-9jvg-fgx2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xjqg-9jvg-fgx2" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-5312", "GHSA-xjqg-9jvg-fgx2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9p2f-ynzb-r3gj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7463?format=api", "vulnerability_id": "VCID-9q49-2srz-rkg7", "summary": "Use After Free\nUse-after-free vulnerability in libxml2, as used in Google Chrome, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.", "references": [ { "reference_url": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1485.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1485.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5131.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5131.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03868", "scoring_system": "epss", "scoring_elements": "0.88226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03868", "scoring_system": "epss", "scoring_elements": "0.88198", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03868", "scoring_system": "epss", "scoring_elements": "0.88217", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03868", "scoring_system": "epss", "scoring_elements": "0.88223", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03868", "scoring_system": "epss", "scoring_elements": "0.88234", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03868", "scoring_system": "epss", "scoring_elements": "0.88227", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03971", "scoring_system": "epss", "scoring_elements": "0.8833", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03971", "scoring_system": "epss", "scoring_elements": "0.88338", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03971", "scoring_system": "epss", "scoring_elements": "0.88352", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5131" }, { "reference_url": "https://codereview.chromium.org/2127493002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://codereview.chromium.org/2127493002" }, { "reference_url": "https://crbug.com/623378", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://crbug.com/623378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1707", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1707" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5133", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5133" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5134", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5134" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5136", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5136" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5137" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://source.android.com/security/bulletin/2017-05-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://source.android.com/security/bulletin/2017-05-01" }, { "reference_url": "https://support.apple.com/HT207141", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://support.apple.com/HT207141" }, { "reference_url": "https://support.apple.com/HT207142", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://support.apple.com/HT207142" }, { "reference_url": "https://support.apple.com/HT207143", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://support.apple.com/HT207143" }, { "reference_url": "https://support.apple.com/HT207170", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://support.apple.com/HT207170" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3637", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://www.debian.org/security/2016/dsa-3637" }, { "reference_url": "http://www.securityfocus.com/bid/92053", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://www.securityfocus.com/bid/92053" }, { "reference_url": "http://www.securitytracker.com/id/1036428", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://www.securitytracker.com/id/1036428" }, { "reference_url": "http://www.securitytracker.com/id/1038623", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://www.securitytracker.com/id/1038623" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3041-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://www.ubuntu.com/usn/USN-3041-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", "reference_id": "1358641", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358641" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840554", "reference_id": "840554", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840554" }, { "reference_url": "https://security.archlinux.org/ASA-201611-2", "reference_id": "ASA-201611-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-2" }, { "reference_url": "https://security.archlinux.org/AVG-56", "reference_id": "AVG-56", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-56" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", "reference_id": "CVE-2016-5131", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5131" }, { "reference_url": "https://security.gentoo.org/glsa/201610-09", "reference_id": "GLSA-201610-09", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://security.gentoo.org/glsa/201610-09" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1485", "reference_id": "RHSA-2016:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1190", "reference_id": "RHSA-2020:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1190" }, { "reference_url": "https://usn.ubuntu.com/3041-1/", "reference_id": "USN-3041-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3041-1/" }, { "reference_url": "https://usn.ubuntu.com/3235-1/", "reference_id": "USN-3235-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3235-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-5131" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9q49-2srz-rkg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/18855?format=api", "vulnerability_id": "VCID-aasn-u7fd-8bhy", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nXmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39615.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39615.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39615", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30604", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30649", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32187", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32184", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34276", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.363", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36251", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39615" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/535", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:25:30Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/535" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051230", "reference_id": "1051230", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051230" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235864", "reference_id": "2235864", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235864" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39615", "reference_id": "CVE-2023-39615", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39615" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7544", "reference_id": "RHSA-2023:7544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7747", "reference_id": "RHSA-2023:7747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0119", "reference_id": "RHSA-2024:0119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0413", "reference_id": "RHSA-2024:0413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1317", "reference_id": "RHSA-2024:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1477", "reference_id": "RHSA-2024:1477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1477" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2023-39615" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aasn-u7fd-8bhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7245?format=api", "vulnerability_id": "VCID-ah8e-sxuu-jqcw", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseXMLDecl function in parser.c in libxml2 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8317.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8317.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52662", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52678", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52562", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52605", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52631", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52598", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52649", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52644", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00293", "scoring_system": "epss", "scoring_elements": "0.52694", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8317" }, { "reference_url": "https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://blog.fuzzing-project.org/28-Libxml2-Several-out-of-bounds-reads.html" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=751603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=751603" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=751631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=751631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=709a952110e98621c9b78c4f26462a9d8333102e" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=9aa37588ee78a06ca1379a9d9356eab16686099c" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" }, { "reference_url": "https://support.apple.com/HT206899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206899" }, { "reference_url": "https://support.apple.com/HT206901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206901" }, { "reference_url": "https://support.apple.com/HT206902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206902" }, { "reference_url": "https://support.apple.com/HT206903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206903" }, { "reference_url": "https://support.apple.com/HT206904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206904" }, { "reference_url": "https://support.apple.com/HT206905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206905" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/21/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/21/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/22/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/22/3" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/77681", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77681" }, { "reference_url": "http://www.securityfocus.com/bid/91826", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91826" }, { "reference_url": "http://www.securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034243" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2834-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2834-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281930", "reference_id": "1281930", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281930" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8317", "reference_id": "CVE-2015-8317", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8317" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ah8e-sxuu-jqcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68202?format=api", "vulnerability_id": "VCID-ahha-vnq4-7qd2", "summary": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9714.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9714.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9714", "reference_id": "", "reference_type": "", "scores": [ { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00812", "published_at": "2026-04-04T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00909", "published_at": "2026-04-13T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00927", "published_at": "2026-04-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00912", "published_at": "2026-04-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00907", "published_at": "2026-04-12T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00924", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9714" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605", "reference_id": "2392605", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21", "reference_id": "677a42645ef22b5a50741bad5facf9d8a8bc6d21", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-10T18:46:42Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22162", "reference_id": "RHSA-2025:22162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22163", "reference_id": "RHSA-2025:22163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22177", "reference_id": "RHSA-2025:22177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22376", "reference_id": "RHSA-2025:22376", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22376" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22377", "reference_id": "RHSA-2025:22377", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22377" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22868", "reference_id": "RHSA-2025:22868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23202", "reference_id": "RHSA-2025:23202", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23202" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23204", "reference_id": "RHSA-2025:23204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23205", "reference_id": "RHSA-2025:23205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23209", "reference_id": "RHSA-2025:23209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23227", "reference_id": "RHSA-2025:23227", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23227" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23234", "reference_id": "RHSA-2025:23234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23449", "reference_id": "RHSA-2025:23449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0414", "reference_id": "RHSA-2026:0414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0677", "reference_id": "RHSA-2026:0677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0702", "reference_id": "RHSA-2026:0702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0978", "reference_id": "RHSA-2026:0978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0980", "reference_id": "RHSA-2026:0980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0985", "reference_id": "RHSA-2026:0985", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0985" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0996", "reference_id": "RHSA-2026:0996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1539", "reference_id": "RHSA-2026:1539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1539" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1541", "reference_id": "RHSA-2026:1541", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1541" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1652", "reference_id": "RHSA-2026:1652", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1652" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3461", "reference_id": "RHSA-2026:3461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3462", "reference_id": "RHSA-2026:3462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3462" }, { "reference_url": "https://usn.ubuntu.com/7743-1/", "reference_id": "USN-7743-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7743-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-9714" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ahha-vnq4-7qd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8546?format=api", "vulnerability_id": "VCID-azzy-m5pc-qudn", "summary": "Loop with Unreachable Exit Condition ('Infinite Loop')\nparser.c in libxml2 does not prevent infinite recursion in parameter entities.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16932.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16932.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21989", "scoring_system": "epss", "scoring_elements": "0.95738", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.21989", "scoring_system": "epss", "scoring_elements": "0.95772", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21989", "scoring_system": "epss", "scoring_elements": "0.95773", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.21989", "scoring_system": "epss", "scoring_elements": "0.95769", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21989", "scoring_system": "epss", "scoring_elements": "0.95766", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.21989", "scoring_system": "epss", "scoring_elements": "0.95757", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21989", "scoring_system": "epss", "scoring_elements": "0.95755", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21989", "scoring_system": "epss", "scoring_elements": "0.95774", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21989", "scoring_system": "epss", "scoring_elements": "0.95747", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16932" }, { "reference_url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=759579", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=759579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-16932.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-16932.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1714", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1714" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html" }, { "reference_url": "https://usn.ubuntu.com/3739-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3739-1" }, { "reference_url": "https://usn.ubuntu.com/3739-1/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://usn.ubuntu.com/3739-1/" }, { "reference_url": "https://usn.ubuntu.com/usn/usn-3504-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/usn/usn-3504-1/" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517316", "reference_id": "1517316", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517316" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882613", "reference_id": "882613", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882613" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16932", "reference_id": "CVE-2017-16932", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16932" }, { "reference_url": "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html", "reference_id": "CVE-2017-16932.HTML", "reference_type": "", "scores": [], "url": "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html" }, { "reference_url": "https://github.com/advisories/GHSA-x2fm-93ww-ggvx", "reference_id": "GHSA-x2fm-93ww-ggvx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x2fm-93ww-ggvx" }, { "reference_url": "https://usn.ubuntu.com/3504-1/", "reference_id": "USN-3504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3504-1/" }, { "reference_url": "https://usn.ubuntu.com/3504-2/", "reference_id": "USN-3504-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3504-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2017-16932", "GHSA-x2fm-93ww-ggvx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-azzy-m5pc-qudn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7150?format=api", "vulnerability_id": "VCID-b5tz-9s1v-pkg7", "summary": "Vulnerabilities in libxml2 and libxslt\nSeveral vulnerabilities were discovered in the libxml2 and libxslt libraries that this package gem depends on.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1419.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1419.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1819.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1819.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01944", "scoring_system": "epss", "scoring_elements": "0.83441", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01944", "scoring_system": "epss", "scoring_elements": "0.83402", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01944", "scoring_system": "epss", "scoring_elements": "0.83426", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01944", "scoring_system": "epss", "scoring_elements": "0.83437", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01944", "scoring_system": "epss", "scoring_elements": "0.83451", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01944", "scoring_system": "epss", "scoring_elements": "0.83445", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01997", "scoring_system": "epss", "scoring_elements": "0.83606", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01997", "scoring_system": "epss", "scoring_elements": "0.83591", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01997", "scoring_system": "epss", "scoring_elements": "0.83579", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-1819.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-1819.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/commit/8f3de6d88d0da11fb62a45daa61b85ce71b4af59", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/sparklemotion/nokogiri/commit/8f3de6d88d0da11fb62a45daa61b85ce71b4af59" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1374", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1374" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/pull/1376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/sparklemotion/nokogiri/pull/1376" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1819" }, { "reference_url": "https://security.gentoo.org/glsa/201507-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201507-08" }, { "reference_url": "https://support.apple.com/HT206166", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206166" }, { "reference_url": "https://support.apple.com/HT206167", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206167" }, { "reference_url": "https://support.apple.com/HT206168", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206168" }, { "reference_url": "https://support.apple.com/HT206169", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206169" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2812-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-2812-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211278", "reference_id": "1211278", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211278" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782782", "reference_id": "782782", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782782" }, { "reference_url": "https://github.com/advisories/GHSA-q7wx-62r7-j2x7", "reference_id": "GHSA-q7wx-62r7-j2x7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q7wx-62r7-j2x7" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1419", "reference_id": "RHSA-2015:1419", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1419" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://usn.ubuntu.com/2812-1/", "reference_id": "USN-2812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-1819", "GHSA-q7wx-62r7-j2x7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b5tz-9s1v-pkg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9630?format=api", "vulnerability_id": "VCID-bejh-22y7-kuh6", "summary": "NULL Pointer Dereference\nA NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1543", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1543" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14404.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14404.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18492", "scoring_system": "epss", "scoring_elements": "0.95218", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.18492", "scoring_system": "epss", "scoring_elements": "0.95206", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.18492", "scoring_system": "epss", "scoring_elements": "0.9522", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.20012", "scoring_system": "epss", "scoring_elements": "0.95464", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.20012", "scoring_system": "epss", "scoring_elements": "0.95468", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.20012", "scoring_system": "epss", "scoring_elements": "0.95469", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.20012", "scoring_system": "epss", "scoring_elements": "0.95454", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.20012", "scoring_system": "epss", "scoring_elements": "0.95461", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14404" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1785", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1785" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/issues/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/issues/10" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190719-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190719-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190719-0002/", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190719-0002/" }, { "reference_url": "https://usn.ubuntu.com/3739-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3739-1" }, { "reference_url": "https://usn.ubuntu.com/3739-1/", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://usn.ubuntu.com/3739-1/" }, { "reference_url": "https://usn.ubuntu.com/3739-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3739-2" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", "reference_id": "CVE-2018-14404", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14404" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-14404.yml", "reference_id": "CVE-2018-14404.YML", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-14404.yml" }, { "reference_url": "https://github.com/advisories/GHSA-6qvp-r6r3-9p7h", "reference_id": "GHSA-6qvp-r6r3-9p7h", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6qvp-r6r3-9p7h" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1190", "reference_id": "RHSA-2020:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1827", "reference_id": "RHSA-2020:1827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1827" }, { "reference_url": "https://usn.ubuntu.com/3739-2/", "reference_id": "USN-3739-2", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://usn.ubuntu.com/3739-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2018-14404", "GHSA-6qvp-r6r3-9p7h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bejh-22y7-kuh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7393?format=api", "vulnerability_id": "VCID-bk98-bfkg-7bdt", "summary": "Use After Free\nUse-after-free vulnerability in the xmlDictComputeFastKey function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service via a crafted XML document.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1836.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1836.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.78511", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.78519", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.7846", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.78466", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.78497", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.7848", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.78507", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.78512", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01153", "scoring_system": "epss", "scoring_elements": "0.78537", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1836" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=759398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=759398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://support.apple.com/HT206564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206564" }, { "reference_url": "https://support.apple.com/HT206566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206566" }, { "reference_url": "https://support.apple.com/HT206567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206567" }, { "reference_url": "https://support.apple.com/HT206568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206568" }, { "reference_url": "https://support.apple.com/HT206899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206899" }, { "reference_url": "https://support.apple.com/HT206901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206901" }, { "reference_url": "https://support.apple.com/HT206902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206902" }, { "reference_url": "https://support.apple.com/HT206903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206903" }, { "reference_url": "https://support.apple.com/HT206904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206904" }, { "reference_url": "https://support.apple.com/HT206905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206905" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/90691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90691" }, { "reference_url": "http://www.securitytracker.com/id/1035890", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035890" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338702", "reference_id": "1338702", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338702" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1836", "reference_id": "CVE-2016-1836", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1836" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1836" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bk98-bfkg-7bdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7391?format=api", "vulnerability_id": "VCID-bp8r-8jjt-hygw", "summary": "Improper Input Validation\nThe (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3705.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3705.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77362", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77365", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77304", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77311", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77339", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.7732", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.7735", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01034", "scoring_system": "epss", "scoring_elements": "0.77386", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3705" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=765207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=765207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "http://seclists.org/fulldisclosure/2016/May/10", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2016/May/10" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/89854", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/89854" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332443", "reference_id": "1332443", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332443" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823414", "reference_id": "823414", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823414" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3705", "reference_id": "CVE-2016-3705", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3705" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-3705" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bp8r-8jjt-hygw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69452?format=api", "vulnerability_id": "VCID-bz1e-1ypb-kkgg", "summary": "libxml: Type confusion leads to Denial of service (DoS)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49796.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49796.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49796", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65756", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.6584", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65761", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.6582", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65809", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00496", "scoring_system": "epss", "scoring_elements": "0.65791", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82685", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.82689", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49796" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107752", "reference_id": "1107752", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107752" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385", "reference_id": "2372385", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933", "reference_id": "933", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933" }, { "reference_url": "https://security.archlinux.org/AVG-2898", "reference_id": "AVG-2898", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2898" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9", "reference_id": "cpe:/a:redhat:cert_manager:1.16::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9", "reference_id": "cpe:/a:redhat:discovery:2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1", "reference_id": "cpe:/a:redhat:jboss_core_services:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8", "reference_id": "cpe:/a:redhat:openshift:4.12::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9", "reference_id": "cpe:/a:redhat:openshift:4.13::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9", "reference_id": "cpe:/a:redhat:openshift:4.14::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9", "reference_id": "cpe:/a:redhat:openshift:4.17::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9", "reference_id": "cpe:/a:redhat:openshift:4.18::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9", "reference_id": "cpe:/a:redhat:openshift:4.19::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9", "reference_id": "cpe:/a:redhat:openshift:4.20::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_file_integrity_operator:1::el9", "reference_id": "cpe:/a:redhat:openshift_file_integrity_operator:1::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_file_integrity_operator:1::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8", "reference_id": "cpe:/a:redhat:openshift_serverless:1.36::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9", "reference_id": "cpe:/a:redhat:webterminal:1.11::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9", "reference_id": "cpe:/a:redhat:webterminal:1.12::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-49796", "reference_id": "CVE-2025-49796", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-49796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10630", "reference_id": "RHSA-2025:10630", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10698", "reference_id": "RHSA-2025:10698", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10699", "reference_id": "RHSA-2025:10699", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11580", "reference_id": "RHSA-2025:11580", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12098", "reference_id": "RHSA-2025:12098", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12099", "reference_id": "RHSA-2025:12099", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12199", "reference_id": "RHSA-2025:12199", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12237", "reference_id": "RHSA-2025:12237", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12239", "reference_id": "RHSA-2025:12239", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12240", "reference_id": "RHSA-2025:12240", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12241", "reference_id": "RHSA-2025:12241", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13335", "reference_id": "RHSA-2025:13335", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15827", "reference_id": "RHSA-2025:15827", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15828", "reference_id": "RHSA-2025:15828", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19020", "reference_id": "RHSA-2025:19020", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21913", "reference_id": "RHSA-2025:21913", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21913" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7694-1/", "reference_id": "USN-7694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-49796" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bz1e-1ypb-kkgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71838?format=api", "vulnerability_id": "VCID-c9ds-faa9-t7be", "summary": "libxml2: Use-After-Free in libxml2", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56171.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56171.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56171", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39997", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40044", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40054", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40017", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40029", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40055", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39977", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.4003", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56171" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098320", "reference_id": "1098320", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098320" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346416", "reference_id": "2346416", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346416" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828", "reference_id": "828", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T16:26:31Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2482", "reference_id": "RHSA-2025:2482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2483", "reference_id": "RHSA-2025:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2507", "reference_id": "RHSA-2025:2507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2513", "reference_id": "RHSA-2025:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2654", "reference_id": "RHSA-2025:2654", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2654" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2660", "reference_id": "RHSA-2025:2660", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2660" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2673", "reference_id": "RHSA-2025:2673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2678", "reference_id": "RHSA-2025:2678", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2678" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2679", "reference_id": "RHSA-2025:2679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2686", "reference_id": "RHSA-2025:2686", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2686" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2789", "reference_id": "RHSA-2025:2789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3055", "reference_id": "RHSA-2025:3055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3059", "reference_id": "RHSA-2025:3059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3066", "reference_id": "RHSA-2025:3066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3368", "reference_id": "RHSA-2025:3368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3397", "reference_id": "RHSA-2025:3397", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3397" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3453", "reference_id": "RHSA-2025:3453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3569", "reference_id": "RHSA-2025:3569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3867", "reference_id": "RHSA-2025:3867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4005", "reference_id": "RHSA-2025:4005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9895", "reference_id": "RHSA-2025:9895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9895" }, { "reference_url": "https://usn.ubuntu.com/7302-1/", "reference_id": "USN-7302-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7302-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2024-56171" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c9ds-faa9-t7be" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13082?format=api", "vulnerability_id": "VCID-cbm2-cez4-bqgh", "summary": "Use After Free\n`valid.c` in libxml2 before 2.9.13 has a use-after-free of `ID` and `IDREF` attributes.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23308.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23308.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23308", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15524", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15601", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15656", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15623", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15588", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15515", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16267", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16327", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006489", "reference_id": "1006489", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006489" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056913", "reference_id": "2056913", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056913" }, { "reference_url": "https://security.archlinux.org/AVG-2726", "reference_id": "AVG-2726", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2726" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23308", "reference_id": "CVE-2022-23308", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23308" }, { "reference_url": "https://security.gentoo.org/glsa/202210-03", "reference_id": "GLSA-202210-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0899", "reference_id": "RHSA-2022:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/5324-1/", "reference_id": "USN-5324-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5324-1/" }, { "reference_url": "https://usn.ubuntu.com/5422-1/", "reference_id": "USN-5422-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5422-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2022-23308" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbm2-cez4-bqgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7346?format=api", "vulnerability_id": "VCID-cgfv-pps6-6khd", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8710.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8710.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89371", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89377", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89374", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89329", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89334", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89346", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89348", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89365", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89369", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8710" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=746048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=746048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=e724879d964d774df9b7969fc846605aa1bac54c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=e724879d964d774df9b7969fc846605aa1bac54c" }, { "reference_url": "https://hackerone.com/reports/57125#activity-384861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/57125#activity-384861" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/04/19/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/04/19/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/09/13/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/09/13/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/12/31/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/12/31/7" }, { "reference_url": "http://www.securityfocus.com/bid/79811", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/79811" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213957", "reference_id": "1213957", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782985", "reference_id": "782985", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782985" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8710", "reference_id": "CVE-2015-8710", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2875-1/", "reference_id": "USN-2875-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2875-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8710" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cgfv-pps6-6khd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20687?format=api", "vulnerability_id": "VCID-d68t-f8j1-h3am", "summary": "Use After Free\nWhen using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25062.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25062.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25062", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37547", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37529", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37581", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37594", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37608", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37574", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37627", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37651", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/604", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T17:35:33Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/604" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063234", "reference_id": "1063234", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063234" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262726", "reference_id": "2262726", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262726" }, { "reference_url": "https://security.gentoo.org/glsa/202402-11", "reference_id": "GLSA-202402-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1317", "reference_id": "RHSA-2024:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2679", "reference_id": "RHSA-2024:2679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3299", "reference_id": "RHSA-2024:3299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3303", "reference_id": "RHSA-2024:3303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3625", "reference_id": "RHSA-2024:3625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3626", "reference_id": "RHSA-2024:3626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3626" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags", "reference_id": "tags", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T17:35:33Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags" }, { "reference_url": "https://usn.ubuntu.com/6658-1/", "reference_id": "USN-6658-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6658-1/" }, { "reference_url": "https://usn.ubuntu.com/6658-2/", "reference_id": "USN-6658-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6658-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2024-25062" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d68t-f8j1-h3am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70438?format=api", "vulnerability_id": "VCID-drkd-yykc-ayge", "summary": "libxml2: Out-of-Bounds Read in libxml2", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32414.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32414.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32414", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.3946", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39424", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39468", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39479", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39441", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39483", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39397", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39453", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102521", "reference_id": "1102521", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102521" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121", "reference_id": "2358121", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12098", "reference_id": "RHSA-2025:12098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12237", "reference_id": "RHSA-2025:12237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12239", "reference_id": "RHSA-2025:12239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12240", "reference_id": "RHSA-2025:12240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12241", "reference_id": "RHSA-2025:12241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13428", "reference_id": "RHSA-2025:13428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13429", "reference_id": "RHSA-2025:13429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13677", "reference_id": "RHSA-2025:13677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13681", "reference_id": "RHSA-2025:13681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13683", "reference_id": "RHSA-2025:13683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13684", "reference_id": "RHSA-2025:13684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14059", "reference_id": "RHSA-2025:14059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14644", "reference_id": "RHSA-2025:14644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14818", "reference_id": "RHSA-2025:14818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14819", "reference_id": "RHSA-2025:14819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14853", "reference_id": "RHSA-2025:14853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14858", "reference_id": "RHSA-2025:14858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15308", "reference_id": "RHSA-2025:15308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15672", "reference_id": "RHSA-2025:15672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16159", "reference_id": "RHSA-2025:16159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22529", "reference_id": "RHSA-2025:22529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8958", "reference_id": "RHSA-2025:8958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8958" }, { "reference_url": "https://usn.ubuntu.com/7467-1/", "reference_id": "USN-7467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7467-1/" }, { "reference_url": "https://usn.ubuntu.com/7467-2/", "reference_id": "USN-7467-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7467-2/" }, { "reference_url": "https://usn.ubuntu.com/7896-1/", "reference_id": "USN-7896-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7896-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-32414" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-drkd-yykc-ayge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7394?format=api", "vulnerability_id": "VCID-e9c3-5gws-u3fp", "summary": "Use After Free\nMultiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allow remote attackers to cause a denial of service via a crafted XML document.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1837.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1837.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73765", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73717", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73727", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.7375", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73721", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73756", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73769", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73792", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1837" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=760263", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=760263" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=11ed4a7a90d5ce156a18980a4ad4e53e77384852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=11ed4a7a90d5ce156a18980a4ad4e53e77384852" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://support.apple.com/HT206564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206564" }, { "reference_url": "https://support.apple.com/HT206566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206566" }, { "reference_url": "https://support.apple.com/HT206567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206567" }, { "reference_url": "https://support.apple.com/HT206568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206568" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/90691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90691" }, { "reference_url": "http://www.securitytracker.com/id/1035890", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035890" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338696", "reference_id": "1338696", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338696" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1837", "reference_id": "CVE-2016-1837", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1837" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e9c3-5gws-u3fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57379?format=api", "vulnerability_id": "VCID-eb6k-ppfd-m7a3", "summary": "Multiple vulnerabilities have been found in libxml2, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40304.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40304.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-40304", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37101", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.4453", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44548", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44487", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44537", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44542", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44559", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44529", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-40304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3" }, { "reference_url": "https://nokogiri.org/CHANGELOG.html#1139-2022-10-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nokogiri.org/CHANGELOG.html#1139-2022-10-18" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022225", "reference_id": "1022225", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022225" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/21", "reference_id": "21", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/21" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136288", "reference_id": "2136288", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136288" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/24", "reference_id": "24", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/24" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/25", "reference_id": "25", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/25" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/26", "reference_id": "26", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/26" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/27", "reference_id": "27", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/27" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40304", "reference_id": "CVE-2022-40304", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40304" }, { "reference_url": "https://security.gentoo.org/glsa/202210-39", "reference_id": "GLSA-202210-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-39" }, { "reference_url": "https://support.apple.com/kb/HT213531", "reference_id": "HT213531", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://support.apple.com/kb/HT213531" }, { "reference_url": "https://support.apple.com/kb/HT213533", "reference_id": "HT213533", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://support.apple.com/kb/HT213533" }, { "reference_url": "https://support.apple.com/kb/HT213534", "reference_id": "HT213534", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://support.apple.com/kb/HT213534" }, { "reference_url": "https://support.apple.com/kb/HT213535", "reference_id": "HT213535", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://support.apple.com/kb/HT213535" }, { "reference_url": "https://support.apple.com/kb/HT213536", "reference_id": "HT213536", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://support.apple.com/kb/HT213536" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221209-0003/", "reference_id": "ntap-20221209-0003", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221209-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0173", "reference_id": "RHSA-2023:0173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0338", "reference_id": "RHSA-2023:0338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0413", "reference_id": "RHSA-2024:0413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0413" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags", "reference_id": "tags", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags" }, { "reference_url": "https://usn.ubuntu.com/5760-1/", "reference_id": "USN-5760-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5760-1/" }, { "reference_url": "https://usn.ubuntu.com/5760-2/", "reference_id": "USN-5760-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5760-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2022-40304" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eb6k-ppfd-m7a3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7510?format=api", "vulnerability_id": "VCID-ecde-c15q-ukh1", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nxpointer.c in libxml2 (as used in Apple iOS, OS X, tvOS, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4658.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4658.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4658", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17714", "scoring_system": "epss", "scoring_elements": "0.95117", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.17714", "scoring_system": "epss", "scoring_elements": "0.95096", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.17714", "scoring_system": "epss", "scoring_elements": "0.95103", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.17714", "scoring_system": "epss", "scoring_elements": "0.95107", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.17714", "scoring_system": "epss", "scoring_elements": "0.95113", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.17714", "scoring_system": "epss", "scoring_elements": "0.95115", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.18099", "scoring_system": "epss", "scoring_elements": "0.95156", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.18099", "scoring_system": "epss", "scoring_elements": "0.95154", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.18099", "scoring_system": "epss", "scoring_elements": "0.95143", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4658" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1615", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1615" }, { "reference_url": "https://support.apple.com/HT207141", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT207141" }, { "reference_url": "https://support.apple.com/HT207142", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT207142" }, { "reference_url": "https://support.apple.com/HT207143", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT207143" }, { "reference_url": "https://support.apple.com/HT207170", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT207170" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384424", "reference_id": "1384424", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384424" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553", "reference_id": "840553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553" }, { "reference_url": "https://security.archlinux.org/ASA-201611-2", "reference_id": "ASA-201611-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-2" }, { "reference_url": "https://security.archlinux.org/AVG-56", "reference_id": "AVG-56", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-56" }, { "reference_url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4448.html", "reference_id": "CVE-2016-4448.HTML", "reference_type": "", "scores": [], "url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4448.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4658", "reference_id": "CVE-2016-4658", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4658" }, { "reference_url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html", "reference_id": "CVE-2016-4658.HTML", "reference_type": "", "scores": [], "url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html" }, { "reference_url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html", "reference_id": "CVE-2016-5131.HTML", "reference_type": "", "scores": [], "url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html" }, { "reference_url": "https://github.com/advisories/GHSA-fr52-4hqw-p27f", "reference_id": "GHSA-fr52-4hqw-p27f", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fr52-4hqw-p27f" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3810", "reference_id": "RHSA-2021:3810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3810" }, { "reference_url": "https://usn.ubuntu.com/3235-1/", "reference_id": "USN-3235-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3235-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-4658", "GHSA-fr52-4hqw-p27f" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecde-c15q-ukh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7395?format=api", "vulnerability_id": "VCID-eebz-xjem-cygz", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlStrncat function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1834.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1834.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02369", "scoring_system": "epss", "scoring_elements": "0.84876", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02369", "scoring_system": "epss", "scoring_elements": "0.84953", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02369", "scoring_system": "epss", "scoring_elements": "0.84958", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02369", "scoring_system": "epss", "scoring_elements": "0.8496", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02369", "scoring_system": "epss", "scoring_elements": "0.84944", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02369", "scoring_system": "epss", "scoring_elements": "0.84937", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02369", "scoring_system": "epss", "scoring_elements": "0.84914", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02369", "scoring_system": "epss", "scoring_elements": "0.8491", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02369", "scoring_system": "epss", "scoring_elements": "0.84892", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1834" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=763071", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=763071" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://support.apple.com/HT206564", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://support.apple.com/HT206564" }, { "reference_url": "https://support.apple.com/HT206566", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://support.apple.com/HT206566" }, { "reference_url": "https://support.apple.com/HT206567", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://support.apple.com/HT206567" }, { "reference_url": "https://support.apple.com/HT206568", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://support.apple.com/HT206568" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/90691", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://www.securityfocus.com/bid/90691" }, { "reference_url": "http://www.securitytracker.com/id/1035890", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://www.securitytracker.com/id/1035890" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338708", "reference_id": "1338708", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338708" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1834", "reference_id": "CVE-2016-1834", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1834" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1834" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eebz-xjem-cygz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44702?format=api", "vulnerability_id": "VCID-ek5d-m9pn-3fec", "summary": "Multiple vulnerabilities have been found in libxml2, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3517.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3517.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3517", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.2884", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28891", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.2893", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28889", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28934", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29474", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29358", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29427", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3517" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954232", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954232" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3517.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3517.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/blob/7c19ef5cc6b7c5c36827dd5495f857c6877ec8cf/CHANGELOG.md?plain=1#L579", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/blob/7c19ef5cc6b7c5c36827dd5495f857c6877ec8cf/CHANGELOG.md?plain=1#L579" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/2233", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/2233" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/2274", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/2274" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3517", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3517" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210625-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210625-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210625-0002/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210625-0002/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211022-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20211022-0004" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211022-0004/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20211022-0004/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987738", "reference_id": "987738", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987738" }, { "reference_url": "https://security.archlinux.org/AVG-1883", "reference_id": "AVG-1883", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1883" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/", "reference_id": "BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/" }, { "reference_url": "https://github.com/advisories/GHSA-jw9f-hh49-cvp9", "reference_id": "GHSA-jw9f-hh49-cvp9", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jw9f-hh49-cvp9" }, { "reference_url": "https://security.gentoo.org/glsa/202107-05", "reference_id": "GLSA-202107-05", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://security.gentoo.org/glsa/202107-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/", "reference_id": "QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2569", "reference_id": "RHSA-2021:2569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3517", "GHSA-jw9f-hh49-cvp9" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ek5d-m9pn-3fec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7238?format=api", "vulnerability_id": "VCID-ghaf-ynsg-uuea", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8242.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8242.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8242", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80206", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80211", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80153", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.8016", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.8018", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80169", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80197", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80205", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80225", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8242" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=756372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=756372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" }, { "reference_url": "https://support.apple.com/HT206166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206166" }, { "reference_url": "https://support.apple.com/HT206167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206167" }, { "reference_url": "https://support.apple.com/HT206168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206168" }, { "reference_url": "https://support.apple.com/HT206169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206169" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/17/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/17/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/18/23", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/11/18/23" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/77681", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77681" }, { "reference_url": "http://www.securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034243" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2834-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2834-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281950", "reference_id": "1281950", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281950" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805146", "reference_id": "805146", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805146" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8242", "reference_id": "CVE-2015-8242", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8242" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8242" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ghaf-ynsg-uuea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8545?format=api", "vulnerability_id": "VCID-gvmn-4dtv-8qcj", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nparser.c in libxml2 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16931.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16931.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16931", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0165", "scoring_system": "epss", "scoring_elements": "0.81939", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0165", "scoring_system": "epss", "scoring_elements": "0.82006", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0165", "scoring_system": "epss", "scoring_elements": "0.82004", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0165", "scoring_system": "epss", "scoring_elements": "0.82023", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0165", "scoring_system": "epss", "scoring_elements": "0.82012", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0165", "scoring_system": "epss", "scoring_elements": "0.8195", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0165", "scoring_system": "epss", "scoring_elements": "0.81973", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0165", "scoring_system": "epss", "scoring_elements": "0.81969", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0165", "scoring_system": "epss", "scoring_elements": "0.81996", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16931" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=766956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=766956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/GNOME/libxml2/commit/e26630548e7d138d2c560844c43820b6767251e3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/GNOME/libxml2/commit/e26630548e7d138d2c560844c43820b6767251e3" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517307", "reference_id": "1517307", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517307" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16931", "reference_id": "CVE-2017-16931", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16931" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-16931" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gvmn-4dtv-8qcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7250?format=api", "vulnerability_id": "VCID-gxsm-qvkt-gygy", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7498.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7498.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87149", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87097", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87108", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87125", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87118", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87139", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87146", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03265", "scoring_system": "epss", "scoring_elements": "0.87153", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/79548", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/79548" }, { "reference_url": "http://www.securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034243" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2834-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2834-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281879", "reference_id": "1281879", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281879" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7498", "reference_id": "CVE-2015-7498", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7498" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-7498" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gxsm-qvkt-gygy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71837?format=api", "vulnerability_id": "VCID-hafa-bcpu-8uaj", "summary": "libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27113.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27113.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27113", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26313", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26146", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26242", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26249", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26204", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26354", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26127", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26194", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27113" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27113" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098322", "reference_id": "1098322", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098322" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346410", "reference_id": "2346410", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346410" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/861", "reference_id": "861", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T15:33:43Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/861" }, { "reference_url": "https://usn.ubuntu.com/7302-1/", "reference_id": "USN-7302-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7302-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-27113" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hafa-bcpu-8uaj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7329?format=api", "vulnerability_id": "VCID-ked7-5tjg-nudx", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlNextChar function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1762.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1762.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08579", "scoring_system": "epss", "scoring_elements": "0.92379", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08579", "scoring_system": "epss", "scoring_elements": "0.92402", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08579", "scoring_system": "epss", "scoring_elements": "0.92407", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08579", "scoring_system": "epss", "scoring_elements": "0.92413", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08579", "scoring_system": "epss", "scoring_elements": "0.92415", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08579", "scoring_system": "epss", "scoring_elements": "0.92386", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08579", "scoring_system": "epss", "scoring_elements": "0.92372", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08579", "scoring_system": "epss", "scoring_elements": "0.9239", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1762" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=759671", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=759671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://support.apple.com/HT206166", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://support.apple.com/HT206166" }, { "reference_url": "https://support.apple.com/HT206167", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://support.apple.com/HT206167" }, { "reference_url": "https://support.apple.com/HT206168", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://support.apple.com/HT206168" }, { "reference_url": "https://support.apple.com/HT206169", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://support.apple.com/HT206169" }, { "reference_url": "https://support.apple.com/HT206171", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://support.apple.com/HT206171" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/85059", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://www.securityfocus.com/bid/85059" }, { "reference_url": "http://www.securitytracker.com/id/1035353", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://www.securitytracker.com/id/1035353" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338711", "reference_id": "1338711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338711" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1762", "reference_id": "CVE-2016-1762", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1762" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1762" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ked7-5tjg-nudx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7928?format=api", "vulnerability_id": "VCID-mm88-amve-quh6", "summary": "Out-of-bounds Read\nThe htmlParseTryOrFinish function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (buffer over-read) or information disclosure.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8872.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8872.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8872", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.393", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39425", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39461", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39485", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39399", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39454", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.3947", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39481", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39442", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8872" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=775200", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:59:00Z/" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=775200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8872" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:59:00Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449541", "reference_id": "1449541", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449541" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862450", "reference_id": "862450", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862450" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8872", "reference_id": "CVE-2017-8872", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8872" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-8872" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mm88-amve-quh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7420?format=api", "vulnerability_id": "VCID-netm-9gxh-3yh4", "summary": "Use of Externally-Controlled Format String\nFormat string vulnerability in libxml2 allows attackers to have unspecified impact via format string specifiers in unknown vectors.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4448.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4448.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4448", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78939", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78965", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78949", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78892", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78898", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78928", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.7891", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78935", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78941", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://support.apple.com/HT206899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206899" }, { "reference_url": "https://support.apple.com/HT206901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206901" }, { "reference_url": "https://support.apple.com/HT206902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206902" }, { "reference_url": "https://support.apple.com/HT206903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206903" }, { "reference_url": "https://support.apple.com/HT206904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206904" }, { "reference_url": "https://support.apple.com/HT206905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206905" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/05/25/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/05/25/2" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/90856", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90856" }, { "reference_url": "http://www.securitytracker.com/id/1036348", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036348" }, { "reference_url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338700", "reference_id": "1338700", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338700" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829718", "reference_id": "829718", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829718" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:log_correlation_engine:4.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tenable:log_correlation_engine:4.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:log_correlation_engine:4.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4448", "reference_id": "CVE-2016-4448", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/3235-1/", "reference_id": "USN-3235-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3235-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-4448" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-netm-9gxh-3yh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84942?format=api", "vulnerability_id": "VCID-nuh8-qd25-ykan", "summary": "libxml2: Incorrect server side include parsing can lead to XSS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3709.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3709.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3709", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33794", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34132", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34164", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34024", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34067", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45494", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45499", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45489", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3709" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2112766", "reference_id": "2112766", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2112766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7715", "reference_id": "RHSA-2022:7715", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7715" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4767", "reference_id": "RHSA-2023:4767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4767" }, { "reference_url": "https://usn.ubuntu.com/5548-1/", "reference_id": "USN-5548-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5548-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2016-3709" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nuh8-qd25-ykan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/19293?format=api", "vulnerability_id": "VCID-pdv9-xrh8-d3fz", "summary": "Use After Free\nThis advisory has been marked as False Positive and removed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45322.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45322.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-45322", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22953", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22843", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22864", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22916", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22937", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.229", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22997", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22789", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-45322" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T18:12:15Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/583", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T18:12:15Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/583" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/06/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T18:12:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/06/5" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053629", "reference_id": "1053629", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053629" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242945", "reference_id": "2242945", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242945" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45322", "reference_id": "CVE-2023-45322", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45322" }, { "reference_url": "https://security.gentoo.org/glsa/202402-11", "reference_id": "GLSA-202402-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2023-45322" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pdv9-xrh8-d3fz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71953?format=api", "vulnerability_id": "VCID-qh44-gavt-rbdw", "summary": "libxml: use-after-free in xmlXIncludeAddNode", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49043.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49043.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-49043", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.448", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44803", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44761", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44813", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44816", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44832", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44802", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44821", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-49043" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49043" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094238", "reference_id": "1094238", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094238" }, { "reference_url": "https://github.com/php/php-src/issues/17467", "reference_id": "17467", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-27T14:52:22Z/" } ], "url": "https://github.com/php/php-src/issues/17467" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342118", "reference_id": "2342118", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342118" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b", "reference_id": "5a19e21605398cef6a8b1452477a8705cb41562b", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-27T14:52:22Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1350", "reference_id": "RHSA-2025:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1487", "reference_id": "RHSA-2025:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1516", "reference_id": "RHSA-2025:1516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1517", "reference_id": "RHSA-2025:1517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1925", "reference_id": "RHSA-2025:1925", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1925" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2507", "reference_id": "RHSA-2025:2507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2678", "reference_id": "RHSA-2025:2678", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2678" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3775", "reference_id": "RHSA-2025:3775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4409", "reference_id": "RHSA-2025:4409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4422", "reference_id": "RHSA-2025:4422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4677", "reference_id": "RHSA-2025:4677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7702", "reference_id": "RHSA-2025:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7702" }, { "reference_url": "https://usn.ubuntu.com/7240-1/", "reference_id": "USN-7240-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7240-1/" }, { "reference_url": "https://usn.ubuntu.com/7302-1/", "reference_id": "USN-7302-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7302-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2022-49043" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qh44-gavt-rbdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70212?format=api", "vulnerability_id": "VCID-qp6y-dt1j-97df", "summary": "libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32415.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32415.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21953", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21904", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21915", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21874", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.22006", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21771", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21848", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103511", "reference_id": "1103511", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103511" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360768", "reference_id": "2360768", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13203", "reference_id": "RHSA-2025:13203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13428", "reference_id": "RHSA-2025:13428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13429", "reference_id": "RHSA-2025:13429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13622", "reference_id": "RHSA-2025:13622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13677", "reference_id": "RHSA-2025:13677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13681", "reference_id": "RHSA-2025:13681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13683", "reference_id": "RHSA-2025:13683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13684", "reference_id": "RHSA-2025:13684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13688", "reference_id": "RHSA-2025:13688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13689", "reference_id": "RHSA-2025:13689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13788", "reference_id": "RHSA-2025:13788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13789", "reference_id": "RHSA-2025:13789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13806", "reference_id": "RHSA-2025:13806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14059", "reference_id": "RHSA-2025:14059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14186", "reference_id": "RHSA-2025:14186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14644", "reference_id": "RHSA-2025:14644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14818", "reference_id": "RHSA-2025:14818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14819", "reference_id": "RHSA-2025:14819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14853", "reference_id": "RHSA-2025:14853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14858", "reference_id": "RHSA-2025:14858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15308", "reference_id": "RHSA-2025:15308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15672", "reference_id": "RHSA-2025:15672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16159", "reference_id": "RHSA-2025:16159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22529", "reference_id": "RHSA-2025:22529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22529" }, { "reference_url": "https://usn.ubuntu.com/7467-1/", "reference_id": "USN-7467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7467-1/" }, { "reference_url": "https://usn.ubuntu.com/7467-2/", "reference_id": "USN-7467-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7467-2/" }, { "reference_url": "https://usn.ubuntu.com/7896-1/", "reference_id": "USN-7896-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7896-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050284?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-32415" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qp6y-dt1j-97df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17357?format=api", "vulnerability_id": "VCID-qpnt-xvgv-s3cq", "summary": "This advisory has been invalidated.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28484.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28484.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28484", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48197", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48186", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49179", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.4915", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49181", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49184", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.4913", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49199", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/491", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/491" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html" }, { "reference_url": "https://nokogiri.org/CHANGELOG.html#1143-2023-04-11", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nokogiri.org/CHANGELOG.html#1143-2023-04-11" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034436", "reference_id": "1034436", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034436" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185994", "reference_id": "2185994", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185994" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28484", "reference_id": "CVE-2023-28484", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28484" }, { "reference_url": "https://security.gentoo.org/glsa/202402-11", "reference_id": "GLSA-202402-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-11" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230601-0006/", "reference_id": "ntap-20230601-0006", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230601-0006/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0005/", "reference_id": "ntap-20240201-0005", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0005/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4349", "reference_id": "RHSA-2023:4349", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4529", "reference_id": "RHSA-2023:4529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0413", "reference_id": "RHSA-2024:0413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0413" }, { "reference_url": "https://usn.ubuntu.com/6028-1/", "reference_id": "USN-6028-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6028-1/" }, { "reference_url": "https://usn.ubuntu.com/6028-2/", "reference_id": "USN-6028-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6028-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2023-28484" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qpnt-xvgv-s3cq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7950?format=api", "vulnerability_id": "VCID-qqte-z1e6-xuh7", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nA buffer overflow was discovered in libxml2 . The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlen(buf). If the content->type is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content->prefix is appended to buf (if it actually fits) whereupon (ii) content->name is written to the buffer. However, the check for whether the content->name actually fits also uses 'len' rather than the updated buffer length strlen(buf). This allows us to write about \"size\" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9047.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9047.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0266", "scoring_system": "epss", "scoring_elements": "0.85787", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0266", "scoring_system": "epss", "scoring_elements": "0.85779", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0266", "scoring_system": "epss", "scoring_elements": "0.85793", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0266", "scoring_system": "epss", "scoring_elements": "0.8579", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02891", "scoring_system": "epss", "scoring_elements": "0.86261", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02891", "scoring_system": "epss", "scoring_elements": "0.86279", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02891", "scoring_system": "epss", "scoring_elements": "0.86298", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02891", "scoring_system": "epss", "scoring_elements": "0.86278", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03032", "scoring_system": "epss", "scoring_elements": "0.86594", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452554", "reference_id": "1452554", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452554" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863022", "reference_id": "863022", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863022" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9047", "reference_id": "CVE-2017-9047", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9047" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-9047" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qqte-z1e6-xuh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7551?format=api", "vulnerability_id": "VCID-qtp3-a1g7-8kgw", "summary": "Improper Restriction of XML External Entity Reference\nlibxml2, as used in XMLSec and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9318.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9318.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9318", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31023", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31068", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32866", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32769", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32722", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32901", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32735", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.3896", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38972", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395609", "reference_id": "1395609", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395609" }, { "reference_url": "https://github.com/lsh123/xmlsec/issues/43", "reference_id": "43", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/" } ], "url": "https://github.com/lsh123/xmlsec/issues/43" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844581", "reference_id": "844581", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844581" }, { "reference_url": "http://www.securityfocus.com/bid/94347", "reference_id": "94347", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/" } ], "url": "http://www.securityfocus.com/bid/94347" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9318", "reference_id": "CVE-2016-9318", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9318" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=772726", "reference_id": "show_bug.cgi?id=772726", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=772726" }, { "reference_url": "https://usn.ubuntu.com/3739-2/", "reference_id": "USN-3739-2", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/" } ], "url": "https://usn.ubuntu.com/3739-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2016-9318" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtp3-a1g7-8kgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33329?format=api", "vulnerability_id": "VCID-qv3r-ppuc-zycz", "summary": "libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation\nxmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.\nThe Nokogiri RubyGem has patched its vendored copy of libxml2 in order to prevent this issue from affecting nokogiri.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7595.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7595.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7595", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00473", "scoring_system": "epss", "scoring_elements": "0.64712", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00473", "scoring_system": "epss", "scoring_elements": "0.6472", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00473", "scoring_system": "epss", "scoring_elements": "0.64672", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00473", "scoring_system": "epss", "scoring_elements": "0.64751", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00473", "scoring_system": "epss", "scoring_elements": "0.6474", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00473", "scoring_system": "epss", "scoring_elements": "0.64734", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65326", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65375", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65401", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7595" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2020-7595.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2020-7595.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1992", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1992" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7595", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7595" }, { "reference_url": "https://security.gentoo.org/glsa/202010-04", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://security.gentoo.org/glsa/202010-04" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200702-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200702-0005" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200702-0005/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20200702-0005/" }, { "reference_url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08" }, { "reference_url": "https://usn.ubuntu.com/4274-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/4274-1" }, { "reference_url": "https://usn.ubuntu.com/4274-1/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://usn.ubuntu.com/4274-1/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799786", "reference_id": "1799786", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799786" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/", "reference_id": "545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/", "reference_id": "5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949582", "reference_id": "949582", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949582" }, { "reference_url": "https://security.archlinux.org/ASA-202011-15", "reference_id": "ASA-202011-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-15" }, { "reference_url": "https://security.archlinux.org/AVG-1263", "reference_id": "AVG-1263", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1263" }, { "reference_url": "https://github.com/advisories/GHSA-7553-jr98-vx47", "reference_id": "GHSA-7553-jr98-vx47", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7553-jr98-vx47" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/", "reference_id": "JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2644", "reference_id": "RHSA-2020:2644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2646", "reference_id": "RHSA-2020:2646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3996", "reference_id": "RHSA-2020:3996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4479", "reference_id": "RHSA-2020:4479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2020-7595", "GHSA-7553-jr98-vx47" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qv3r-ppuc-zycz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61904?format=api", "vulnerability_id": "VCID-qxwq-xwaw-nyak", "summary": "Multiple vulnerabilities have been found in libxml2, the worst of\n which could result in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0663.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0663.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77393", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77448", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77471", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77451", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77399", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77426", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77405", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77436", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01042", "scoring_system": "epss", "scoring_elements": "0.77445", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462225", "reference_id": "1462225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462225" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870870", "reference_id": "870870", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870870" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-0663" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxwq-xwaw-nyak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7397?format=api", "vulnerability_id": "VCID-r7q9-7u4b-83cz", "summary": "Out-of-bounds Read\nThe htmlCurrentChar function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1833.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1833.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.79013", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.79023", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.78967", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.78973", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.78999", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.78984", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.79008", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.79015", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01214", "scoring_system": "epss", "scoring_elements": "0.79039", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1833" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=636", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=636" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=758606", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=758606" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=0bcd05c5cd83dec3406c8f68b769b1d610c72f76", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=0bcd05c5cd83dec3406c8f68b769b1d610c72f76" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://support.apple.com/HT206564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206564" }, { "reference_url": "https://support.apple.com/HT206566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206566" }, { "reference_url": "https://support.apple.com/HT206567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206567" }, { "reference_url": "https://support.apple.com/HT206568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206568" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/90691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90691" }, { "reference_url": "http://www.securitytracker.com/id/1035890", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035890" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338682", "reference_id": "1338682", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338682" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1833", "reference_id": "CVE-2016-1833", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1833" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1833" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r7q9-7u4b-83cz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7949?format=api", "vulnerability_id": "VCID-rhgj-t5cp-wkbh", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nlibxml2 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9048.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9048.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00601", "scoring_system": "epss", "scoring_elements": "0.69484", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00601", "scoring_system": "epss", "scoring_elements": "0.69492", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00601", "scoring_system": "epss", "scoring_elements": "0.69513", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00601", "scoring_system": "epss", "scoring_elements": "0.69498", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69951", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69911", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69903", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69926", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00618", "scoring_system": "epss", "scoring_elements": "0.69898", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452549", "reference_id": "1452549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452549" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863021", "reference_id": "863021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863021" }, { "reference_url": "http://www.securityfocus.com/bid/98556", "reference_id": "98556", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:40:41Z/" } ], "url": "http://www.securityfocus.com/bid/98556" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9048", "reference_id": "CVE-2017-9048", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9048" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-9048" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rhgj-t5cp-wkbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/10893?format=api", "vulnerability_id": "VCID-rsvx-3f49-v3an", "summary": "Improper Restriction of Recursive Entity References in DTDs (XML Entity Expansion)\nA flaw was found in libxml2. By exploiting an exponential entity expansion attack its possible bypassing all existing protection mechanisms and lead to a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3541.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18918", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.1887", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18968", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18921", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.19054", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.19106", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18828", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18907", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18962", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3541" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1950515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1950515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3541" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210805-0007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210805-0007/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988603", "reference_id": "988603", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988603" }, { "reference_url": "https://security.archlinux.org/AVG-1883", "reference_id": "AVG-1883", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1883" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3541", "reference_id": "CVE-2021-3541", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3541" }, { "reference_url": "https://security.gentoo.org/glsa/202107-05", "reference_id": "GLSA-202107-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2569", "reference_id": "RHSA-2021:2569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3541" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rsvx-3f49-v3an" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7876?format=api", "vulnerability_id": "VCID-s3j9-1zq5-zkf5", "summary": "Deserialization of Untrusted Data\nThe xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4483.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4483.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.7949", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79516", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79499", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.7944", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79471", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79458", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79486", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79494", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=c97750d11bb8b6f3303e7131fe526a61ac65bcfd", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=c97750d11bb8b6f3303e7131fe526a61ac65bcfd" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/05/03/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/05/03/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/05/04/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/05/04/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/06/07/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/06/07/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/06/07/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/06/07/5" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.securityfocus.com/bid/90013", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90013" }, { "reference_url": "http://www.securitytracker.com/id/1036348", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036348" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332820", "reference_id": "1332820", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332820" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823405", "reference_id": "823405", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823405" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4483", "reference_id": "CVE-2016-4483", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4483" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-4483" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s3j9-1zq5-zkf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14289?format=api", "vulnerability_id": "VCID-s9r4-a3uz-4yhp", "summary": "Integer Overflow or Wraparound\nIn libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29824.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29824.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22466", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22489", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22543", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22562", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22521", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22407", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22976", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2302", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxslt/-/tags", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxslt/-/tags" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010526", "reference_id": "1010526", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010526" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082158", "reference_id": "2082158", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082158" }, { "reference_url": "https://security.archlinux.org/AVG-2726", "reference_id": "AVG-2726", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2726" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29824", "reference_id": "CVE-2022-29824", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29824" }, { "reference_url": "https://security.gentoo.org/glsa/202210-03", "reference_id": "GLSA-202210-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5250", "reference_id": "RHSA-2022:5250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5317", "reference_id": "RHSA-2022:5317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5422-1/", "reference_id": "USN-5422-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5422-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2022-29824" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s9r4-a3uz-4yhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9765?format=api", "vulnerability_id": "VCID-t53m-6vvr-27cf", "summary": "Loop with Unreachable Exit Condition ('Infinite Loop')\nlibxml2, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14567.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14567.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71451", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71459", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71476", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71449", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71489", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71501", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71524", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71508", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.7149", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", "reference_id": "1619875", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1619875" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", "reference_id": "CVE-2018-14567", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1190", "reference_id": "RHSA-2020:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1190" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2018-14567" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t53m-6vvr-27cf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7419?format=api", "vulnerability_id": "VCID-t9pa-yw9s-kqb9", "summary": "Improper Input Validation\nXML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.", "references": [ { "reference_url": "http://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000066.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000066.html" }, { "reference_url": "http://jvn.jp/en/jp/JVN17535578/index.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://jvn.jp/en/jp/JVN17535578/index.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4449.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4449.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31035", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31123", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3108", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31041", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31166", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31212", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31032", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31088", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31117", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://support.apple.com/HT206899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206899" }, { "reference_url": "https://support.apple.com/HT206901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206901" }, { "reference_url": "https://support.apple.com/HT206902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206902" }, { "reference_url": "https://support.apple.com/HT206903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206903" }, { "reference_url": "https://support.apple.com/HT206904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206904" }, { "reference_url": "https://support.apple.com/HT206905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206905" }, { "reference_url": "https://support.cybozu.com/ja-jp/article/9735", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.cybozu.com/ja-jp/article/9735" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/05/25/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/05/25/2" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/90865", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90865" }, { "reference_url": "http://www.securitytracker.com/id/1036348", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036348" }, { "reference_url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338701", "reference_id": "1338701", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338701" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4449", "reference_id": "CVE-2016-4449", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-4449" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t9pa-yw9s-kqb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7418?format=api", "vulnerability_id": "VCID-tazr-2qgq-77fy", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseElementDecl function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4447.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02064", "scoring_system": "epss", "scoring_elements": "0.83924", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02064", "scoring_system": "epss", "scoring_elements": "0.83934", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02064", "scoring_system": "epss", "scoring_elements": "0.83928", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02064", "scoring_system": "epss", "scoring_elements": "0.83856", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02064", "scoring_system": "epss", "scoring_elements": "0.8387", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02064", "scoring_system": "epss", "scoring_elements": "0.83886", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02064", "scoring_system": "epss", "scoring_elements": "0.83887", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02064", "scoring_system": "epss", "scoring_elements": "0.83911", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02064", "scoring_system": "epss", "scoring_elements": "0.83917", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://support.apple.com/HT206899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206899" }, { "reference_url": "https://support.apple.com/HT206901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206901" }, { "reference_url": "https://support.apple.com/HT206902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206902" }, { "reference_url": "https://support.apple.com/HT206903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206903" }, { "reference_url": "https://support.apple.com/HT206904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206904" }, { "reference_url": "https://support.apple.com/HT206905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206905" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/05/25/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/05/25/2" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/90864", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90864" }, { "reference_url": "http://www.securitytracker.com/id/1036348", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036348" }, { "reference_url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338686", "reference_id": "1338686", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338686" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes:12.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apple:itunes:12.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes:12.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4447", "reference_id": "CVE-2016-4447", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-4447" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tazr-2qgq-77fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/9793?format=api", "vulnerability_id": "VCID-tn87-vke6-kuf6", "summary": "Use After Free\nUse after free in libxml2, as used in Google Chrome and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3401", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0287", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0287" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15412.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15412.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01891", "scoring_system": "epss", "scoring_elements": "0.83181", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01891", "scoring_system": "epss", "scoring_elements": "0.83187", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01891", "scoring_system": "epss", "scoring_elements": "0.83149", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01891", "scoring_system": "epss", "scoring_elements": "0.83174", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01891", "scoring_system": "epss", "scoring_elements": "0.83191", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01891", "scoring_system": "epss", "scoring_elements": "0.83197", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01943", "scoring_system": "epss", "scoring_elements": "0.8337", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01943", "scoring_system": "epss", "scoring_elements": "0.83383", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01943", "scoring_system": "epss", "scoring_elements": "0.83398", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15412" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=783160", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=783160" }, { "reference_url": "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html" }, { "reference_url": "https://crbug.com/727039", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://crbug.com/727039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-15412.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-15412.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1714", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1714" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html" }, { "reference_url": "https://web.archive.org/web/20201208155618/http://www.securitytracker.com/id/1040348", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201208155618/http://www.securitytracker.com/id/1040348" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4086", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2018/dsa-4086" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", "reference_id": "1523128", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523128" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883790", "reference_id": "883790", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883790" }, { "reference_url": "https://security.archlinux.org/ASA-201712-5", "reference_id": "ASA-201712-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201712-5" }, { "reference_url": "https://security.archlinux.org/AVG-544", "reference_id": "AVG-544", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-544" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", "reference_id": "CVE-2017-15412", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15412" }, { "reference_url": "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html", "reference_id": "CVE-2017-15412.HTML", "reference_type": "", "scores": [], "url": "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html" }, { "reference_url": "https://github.com/advisories/GHSA-r58r-74gx-6wx3", "reference_id": "GHSA-r58r-74gx-6wx3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r58r-74gx-6wx3" }, { "reference_url": "https://security.gentoo.org/glsa/201801-03", "reference_id": "GLSA-201801-03", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201801-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1190", "reference_id": "RHSA-2020:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1190" }, { "reference_url": "https://usn.ubuntu.com/3513-1/", "reference_id": "USN-3513-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3513-1/" }, { "reference_url": "https://usn.ubuntu.com/3513-2/", "reference_id": "USN-3513-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3513-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-15412", "GHSA-r58r-74gx-6wx3" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tn87-vke6-kuf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7285?format=api", "vulnerability_id": "VCID-tyk2-gq2c-bbcn", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2073.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2073.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.7988", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.79905", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.79887", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.79831", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.79839", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.7986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.79848", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.79876", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01321", "scoring_system": "epss", "scoring_elements": "0.79884", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/01/25/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/01/25/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/01/26/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/01/26/7" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.securityfocus.com/bid/85267", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/85267" }, { "reference_url": "http://www.securitytracker.com/id/1035011", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035011" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301928", "reference_id": "1301928", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301928" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812807", "reference_id": "812807", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812807" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2073", "reference_id": "CVE-2016-2073", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2073" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-2073" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tyk2-gq2c-bbcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57378?format=api", "vulnerability_id": "VCID-udew-3gre-13hy", "summary": "Multiple vulnerabilities have been found in libxml2, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40303.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40303.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-40303", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39746", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39712", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39768", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39687", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39741", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39755", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39765", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39729", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-40303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3" }, { "reference_url": "https://nokogiri.org/CHANGELOG.html#1139-2022-10-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nokogiri.org/CHANGELOG.html#1139-2022-10-18" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022224", "reference_id": "1022224", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022224" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/21", "reference_id": "21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/21" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136266", "reference_id": "2136266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136266" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/24", "reference_id": "24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/24" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/25", "reference_id": "25", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/25" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/26", "reference_id": "26", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/26" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/27", "reference_id": "27", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/27" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40303", "reference_id": "CVE-2022-40303", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40303" }, { "reference_url": "https://security.gentoo.org/glsa/202210-39", "reference_id": "GLSA-202210-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-39" }, { "reference_url": "https://support.apple.com/kb/HT213531", "reference_id": "HT213531", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://support.apple.com/kb/HT213531" }, { "reference_url": "https://support.apple.com/kb/HT213533", "reference_id": "HT213533", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://support.apple.com/kb/HT213533" }, { "reference_url": "https://support.apple.com/kb/HT213534", "reference_id": "HT213534", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://support.apple.com/kb/HT213534" }, { "reference_url": "https://support.apple.com/kb/HT213535", "reference_id": "HT213535", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://support.apple.com/kb/HT213535" }, { "reference_url": "https://support.apple.com/kb/HT213536", "reference_id": "HT213536", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://support.apple.com/kb/HT213536" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221209-0003/", "reference_id": "ntap-20221209-0003", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221209-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0173", "reference_id": "RHSA-2023:0173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0338", "reference_id": "RHSA-2023:0338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0413", "reference_id": "RHSA-2024:0413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0413" }, { "reference_url": "https://usn.ubuntu.com/5760-1/", "reference_id": "USN-5760-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5760-1/" }, { "reference_url": "https://usn.ubuntu.com/5760-2/", "reference_id": "USN-5760-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5760-2/" }, { "reference_url": "https://usn.ubuntu.com/7659-1/", "reference_id": "USN-7659-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7659-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2022-40303" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-udew-3gre-13hy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81686?format=api", "vulnerability_id": "VCID-ugyh-dycm-3bc3", "summary": "libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19956.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19956.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36075", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3601", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36204", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36231", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36066", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36115", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36133", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3614", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36102", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788856", "reference_id": "1788856", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788856" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549", "reference_id": "5a02583c7e683896d84878bd90641d8d9b0d0549", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/", "reference_id": "5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19956", "reference_id": "CVE-2019-19956", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19956" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/", "reference_id": "JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html", "reference_id": "msg00032.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200114-0002/", "reference_id": "ntap-20200114-0002", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20200114-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2644", "reference_id": "RHSA-2020:2644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2646", "reference_id": "RHSA-2020:2646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3996", "reference_id": "RHSA-2020:3996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4479", "reference_id": "RHSA-2020:4479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2019-19956" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ugyh-dycm-3bc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7399?format=api", "vulnerability_id": "VCID-vcq9-93xd-nfbe", "summary": "Out-of-bounds Read\nThe xmlPArserPrintFileContextInternal function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1838.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1838.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1065", "scoring_system": "epss", "scoring_elements": "0.93302", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.1065", "scoring_system": "epss", "scoring_elements": "0.93301", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.1065", "scoring_system": "epss", "scoring_elements": "0.93272", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.1065", "scoring_system": "epss", "scoring_elements": "0.93281", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.1065", "scoring_system": "epss", "scoring_elements": "0.93287", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.1065", "scoring_system": "epss", "scoring_elements": "0.93285", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.1065", "scoring_system": "epss", "scoring_elements": "0.93294", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.1065", "scoring_system": "epss", "scoring_elements": "0.93298", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.1065", "scoring_system": "epss", "scoring_elements": "0.93303", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1838" }, { "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=639", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=639" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=758588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=758588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=db07dd613e461df93dde7902c6505629bf0734e9", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=db07dd613e461df93dde7902c6505629bf0734e9" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://support.apple.com/HT206564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206564" }, { "reference_url": "https://support.apple.com/HT206566", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206566" }, { "reference_url": "https://support.apple.com/HT206567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206567" }, { "reference_url": "https://support.apple.com/HT206568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206568" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/90691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90691" }, { "reference_url": "http://www.securitytracker.com/id/1035890", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035890" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338705", "reference_id": "1338705", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338705" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://code.google.com/p/google-security-research/issues/detail?id=639", "reference_id": "CVE-2016-1838", "reference_type": "exploit", "scores": [], "url": "https://code.google.com/p/google-security-research/issues/detail?id=639" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39493.txt", "reference_id": "CVE-2016-1838", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39493.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1838", "reference_id": "CVE-2016-1838", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1838" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1838" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vcq9-93xd-nfbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44705?format=api", "vulnerability_id": "VCID-vf7b-s3y3-sfhw", "summary": "Multiple vulnerabilities have been found in libxml2, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3537.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3537.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3537", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29532", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29584", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34266", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34299", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.33927", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.3626", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36337", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36331", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36309", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3537" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956522", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3537.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3537.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/" }, { "reference_url": "https://nokogiri.org/CHANGELOG.html#1114-2021-05-14", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nokogiri.org/CHANGELOG.html#1114-2021-05-14" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3537", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3537" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210625-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210625-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210625-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210625-0002/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988123", "reference_id": "988123", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988123" }, { "reference_url": "https://security.archlinux.org/AVG-1883", "reference_id": "AVG-1883", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1883" }, { "reference_url": "https://github.com/advisories/GHSA-286v-pcf5-25rc", "reference_id": "GHSA-286v-pcf5-25rc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-286v-pcf5-25rc" }, { "reference_url": "https://security.gentoo.org/glsa/202107-05", "reference_id": "GLSA-202107-05", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202107-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2569", "reference_id": "RHSA-2021:2569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3537", "GHSA-286v-pcf5-25rc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vf7b-s3y3-sfhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8947?format=api", "vulnerability_id": "VCID-wc4g-sxyq-ubcd", "summary": "Allocation of Resources Without Limits or Throttling\nThe xz_head function in xzlib.c in libxml2 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18258.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18258.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18258", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73872", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.7388", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73824", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73876", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73898", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73833", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73858", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73829", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0079", "scoring_system": "epss", "scoring_elements": "0.73863", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18258" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-18258.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-18258.yml" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10284", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10284" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190719-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190719-0001" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190719-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190719-0001/" }, { "reference_url": "https://usn.ubuntu.com/3739-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3739-1" }, { "reference_url": "https://usn.ubuntu.com/3739-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3739-1/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", "reference_id": "1566749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566749" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895245", "reference_id": "895245", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895245" }, { "reference_url": "https://security.archlinux.org/AVG-671", "reference_id": "AVG-671", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-671" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", "reference_id": "CVE-2017-18258", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18258" }, { "reference_url": "https://github.com/advisories/GHSA-882p-jqgm-f45g", "reference_id": "GHSA-882p-jqgm-f45g", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-882p-jqgm-f45g" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1190", "reference_id": "RHSA-2020:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1190" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2017-18258", "GHSA-882p-jqgm-f45g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wc4g-sxyq-ubcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81172?format=api", "vulnerability_id": "VCID-wj66-7n6c-9kam", "summary": "security update", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1835.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1835.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02568", "scoring_system": "epss", "scoring_elements": "0.85537", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02568", "scoring_system": "epss", "scoring_elements": "0.8554", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02568", "scoring_system": "epss", "scoring_elements": "0.85465", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02568", "scoring_system": "epss", "scoring_elements": "0.85477", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02568", "scoring_system": "epss", "scoring_elements": "0.85494", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02568", "scoring_system": "epss", "scoring_elements": "0.85498", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02568", "scoring_system": "epss", "scoring_elements": "0.85518", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02568", "scoring_system": "epss", "scoring_elements": "0.85528", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02568", "scoring_system": "epss", "scoring_elements": "0.85542", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1835" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=759020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=759020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=38eae571111db3b43ffdeb05487c9f60551906fb", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.gnome.org/browse/libxml2/commit/?id=38eae571111db3b43ffdeb05487c9f60551906fb" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://support.apple.com/HT206567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206567" }, { "reference_url": "https://support.apple.com/HT206568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206568" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/90696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/90696" }, { "reference_url": "http://www.securitytracker.com/id/1035890", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035890" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338691", "reference_id": "1338691", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338691" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1835", "reference_id": "CVE-2016-1835", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1835" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wj66-7n6c-9kam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7204?format=api", "vulnerability_id": "VCID-wtxh-xxp2-d3hr", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7942.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7942.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01457", "scoring_system": "epss", "scoring_elements": "0.80821", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01457", "scoring_system": "epss", "scoring_elements": "0.80765", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01457", "scoring_system": "epss", "scoring_elements": "0.80774", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01457", "scoring_system": "epss", "scoring_elements": "0.80795", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01457", "scoring_system": "epss", "scoring_elements": "0.80792", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01457", "scoring_system": "epss", "scoring_elements": "0.80819", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01457", "scoring_system": "epss", "scoring_elements": "0.80827", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01457", "scoring_system": "epss", "scoring_elements": "0.80844", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01457", "scoring_system": "epss", "scoring_elements": "0.80829", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7942" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=744980#c8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=744980#c8" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=756456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=756456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" }, { "reference_url": "https://support.apple.com/HT206166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206166" }, { "reference_url": "https://support.apple.com/HT206167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206167" }, { "reference_url": "https://support.apple.com/HT206168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206168" }, { "reference_url": "https://support.apple.com/HT206169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.apple.com/HT206169" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/10/22/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/10/22/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/10/22/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2015/10/22/8" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/79507", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/79507" }, { "reference_url": "http://www.securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034243" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2812-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2812-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276297", "reference_id": "1276297", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276297" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802827", "reference_id": "802827", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802827" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7942", "reference_id": "CVE-2015-7942", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7942" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2812-1/", "reference_id": "USN-2812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-7942" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wtxh-xxp2-d3hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7387?format=api", "vulnerability_id": "VCID-wy5v-dsp3-a7aa", "summary": "Improper Input Validation\nThe xmlStringGetNodeList function in tree.c in libxml2, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3627.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3627.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37257", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.3732", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37308", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37239", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37331", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37298", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37429", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37405", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.3727", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "http://seclists.org/fulldisclosure/2016/May/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2016/May/10" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "https://www.tenable.com/security/tns-2016-18", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "https://www.tenable.com/security/tns-2016-18" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/21/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/03/21/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/21/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/03/21/3" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "http://www.securityfocus.com/bid/84992", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.securityfocus.com/bid/84992" }, { "reference_url": "http://www.securitytracker.com/id/1035335", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.securitytracker.com/id/1035335" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1319829", "reference_id": "1319829", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1319829" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819006", "reference_id": "819006", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819006" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.3:*:*:*:*:*:x86:*", "reference_id": "cpe:2.3:a:oracle:vm_server:3.3:*:*:*:*:*:x86:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.3:*:*:*:*:*:x86:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.4:*:*:*:*:*:x86:*", "reference_id": "cpe:2.3:a:oracle:vm_server:3.4:*:*:*:*:*:x86:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.4:*:*:*:*:*:x86:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3627", "reference_id": "CVE-2016-3627", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3627" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "GLSA-201701-37", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-3627" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wy5v-dsp3-a7aa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/17375?format=api", "vulnerability_id": "VCID-x9ej-7dcq-tub2", "summary": "Double Free\nAn issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\\0' value).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29469.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29469.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29469", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.2209", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.2196", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.2214", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.2191", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21991", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22046", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22061", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.2202", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/510", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:02:27Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/510" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:02:27Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:02:27Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html" }, { "reference_url": "https://nokogiri.org/CHANGELOG.html#1143-2023-04-11", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nokogiri.org/CHANGELOG.html#1143-2023-04-11" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034437", "reference_id": "1034437", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034437" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185984", "reference_id": "2185984", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185984" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29469", "reference_id": "CVE-2023-29469", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29469" }, { "reference_url": "https://security.gentoo.org/glsa/202402-11", "reference_id": "GLSA-202402-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-11" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230601-0006/", "reference_id": "ntap-20230601-0006", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:02:27Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230601-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4349", "reference_id": "RHSA-2023:4349", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4529", "reference_id": "RHSA-2023:4529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0413", "reference_id": "RHSA-2024:0413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0413" }, { "reference_url": "https://usn.ubuntu.com/6028-1/", "reference_id": "USN-6028-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6028-1/" }, { "reference_url": "https://usn.ubuntu.com/6028-2/", "reference_id": "USN-6028-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6028-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2023-29469" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x9ej-7dcq-tub2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/44701?format=api", "vulnerability_id": "VCID-xps8-1a3r-wke6", "summary": "Multiple vulnerabilities have been found in libxml2, the worst of\n which could result in a Denial of Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3516.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3516.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3516", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56934", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56985", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56988", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00343", "scoring_system": "epss", "scoring_elements": "0.56995", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57651", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57629", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57545", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00362", "scoring_system": "epss", "scoring_elements": "0.58347", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00362", "scoring_system": "epss", "scoring_elements": "0.58327", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3516" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3516" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/230" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954225", "reference_id": "1954225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954225" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987739", "reference_id": "987739", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987739" }, { "reference_url": "https://security.archlinux.org/AVG-1883", "reference_id": "AVG-1883", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1883" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3516", "reference_id": "CVE-2021-3516", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3516" }, { "reference_url": "https://security.gentoo.org/glsa/202107-05", "reference_id": "GLSA-202107-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2569", "reference_id": "RHSA-2021:2569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1050248?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3516" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xps8-1a3r-wke6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7951?format=api", "vulnerability_id": "VCID-ymhr-ads4-qqdp", "summary": "Out-of-bounds Read\nlibxml2 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9049.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9049.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.63902", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.63985", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.63961", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.63989", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.63948", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.63999", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64016", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64028", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64014", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452556", "reference_id": "1452556", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452556" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863019", "reference_id": "863019", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863019" }, { "reference_url": "http://www.securityfocus.com/bid/98601", "reference_id": "98601", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:20:28Z/" } ], "url": "http://www.securityfocus.com/bid/98601" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9049", "reference_id": "CVE-2017-9049", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9049" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-9049" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ymhr-ads4-qqdp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7953?format=api", "vulnerability_id": "VCID-zm21-2pqq-3ker", "summary": "Out-of-bounds Read\nlibxml2 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9050.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9050.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54468", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54489", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54506", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54494", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.545", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54448", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54479", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54457", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54378", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1673", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1673" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://security.gentoo.org/glsa/201711-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/" } ], "url": "https://security.gentoo.org/glsa/201711-01" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3952", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/" } ], "url": "http://www.debian.org/security/2017/dsa-3952" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/05/15/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2017/05/15/1" }, { "reference_url": "http://www.securityfocus.com/bid/98568", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/" } ], "url": "http://www.securityfocus.com/bid/98568" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452553", "reference_id": "1452553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452553" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863018", "reference_id": "863018", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863018" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9050", "reference_id": "CVE-2017-9050", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9050" }, { "reference_url": "https://github.com/advisories/GHSA-8c56-cpmw-89x7", "reference_id": "GHSA-8c56-cpmw-89x7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8c56-cpmw-89x7" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035584?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038282?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-9050", "GHSA-8c56-cpmw-89x7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zm21-2pqq-3ker" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51193?format=api", "vulnerability_id": "VCID-mhwv-kcxp-buc7", "summary": "A vulnerability in libxml2 allows a remote attacker to cause Denial\n of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0191.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0191.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0191", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74775", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74767", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74782", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74806", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00845", "scoring_system": "epss", "scoring_elements": "0.74735", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00868", "scoring_system": "epss", "scoring_elements": "0.75122", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00868", "scoring_system": "epss", "scoring_elements": "0.75152", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00868", "scoring_system": "epss", "scoring_elements": "0.75119", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0191" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1090976", "reference_id": "1090976", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1090976" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747309", "reference_id": "747309", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747309" }, { "reference_url": "https://security.gentoo.org/glsa/201409-08", "reference_id": "GLSA-201409-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201409-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0513", "reference_id": "RHSA-2014:0513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0749", "reference_id": "RHSA-2015:0749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0749" }, { "reference_url": "https://usn.ubuntu.com/2214-1/", "reference_id": "USN-2214-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2214-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571049?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mhwv-kcxp-buc7" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nrut-syek-s7fg" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035583?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5" } ], "aliases": [ "CVE-2014-0191" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mhwv-kcxp-buc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6833?format=api", "vulnerability_id": "VCID-nrut-syek-s7fg", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nparser.c in libxml2, as used in Google Chrome and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.", "references": [ { "reference_url": "ftp://xmlsoft.org/libxml2/libxml2-2.9.0.tar.gz", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://xmlsoft.org/libxml2/libxml2-2.9.0.tar.gz" }, { "reference_url": "http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=e5d7f7e5dc21d3ae7be3cbb949ac4d8701e06de1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.chromium.org/gitweb/?p=chromium/chromium.git%3Ba=commit%3Bh=e5d7f7e5dc21d3ae7be3cbb949ac4d8701e06de1" }, { "reference_url": "http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://googlechromereleases.blogspot.com/2013/07/stable-channel-update.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00063.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00063.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00077.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-07/msg00077.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2877.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2877.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2877", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70239", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70229", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70244", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70267", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70252", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70183", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70648", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70667", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70633", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2877" }, { "reference_url": "https://code.google.com/p/chromium/issues/detail?id=229019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://code.google.com/p/chromium/issues/detail?id=229019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2853" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2870" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2875", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2875" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2878", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2878" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2879" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2880", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2880" }, { "reference_url": "http://seclists.org/fulldisclosure/2014/Dec/23", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2014/Dec/23" }, { "reference_url": "http://secunia.com/advisories/54172", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/54172" }, { "reference_url": "http://secunia.com/advisories/55568", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/55568" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2724", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2724" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2779", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2779" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/61050", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/61050" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1904-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1904-1" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1904-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1904-2" }, { "reference_url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=715531", "reference_id": "715531", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=715531" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=983204", "reference_id": "983204", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=983204" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.33:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.33:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.33:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.34:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.34:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.34:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.36:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.36:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.36:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.37:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.37:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.37:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.38:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.38:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.38:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.39:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.39:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.39:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.40:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.40:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.40:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.41:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.41:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.41:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.42:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.42:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.42:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.43:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.43:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.43:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.44:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.44:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.44:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.45:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.45:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.45:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.46:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.46:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.46:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.47:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.47:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.47:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.48:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.48:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.48:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.49:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.49:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.49:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.50:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.50:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.50:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.51:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.51:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.51:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.52:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.52:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.52:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.53:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.53:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.53:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.54:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.54:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.54:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.56:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.56:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.56:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.58:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.58:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.58:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.59:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.59:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.59:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.60:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.60:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.60:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.61:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.61:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.61:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.62:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.62:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.62:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.63:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.63:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.63:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.64:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.64:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.64:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.66:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.66:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.66:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.68:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.68:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.68:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:google:chrome:28.0.1500.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:28.0.1500.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:1.8.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:1.8.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.2.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.2.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.3.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.3.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.5.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.21:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.21:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.21:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.31:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.31:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.31:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:*:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2877", "reference_id": "CVE-2013-2877", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2877" }, { "reference_url": "https://security.gentoo.org/glsa/201309-16", "reference_id": "GLSA-201309-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-16" }, { "reference_url": "https://security.gentoo.org/glsa/201311-06", "reference_id": "GLSA-201311-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-06" }, { "reference_url": "https://security.gentoo.org/glsa/201412-11", "reference_id": "GLSA-201412-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0513", "reference_id": "RHSA-2014:0513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0513" }, { "reference_url": "https://usn.ubuntu.com/1904-1/", "reference_id": "USN-1904-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1904-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571049?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mhwv-kcxp-buc7" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nrut-syek-s7fg" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1035583?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-27jd-t23h-73f4" }, { "vulnerability": "VCID-2b1g-gp84-87e8" }, { "vulnerability": "VCID-2j62-5rjn-vyeu" }, { "vulnerability": "VCID-31w8-13b6-8beh" }, { "vulnerability": "VCID-33n1-125n-63h6" }, { "vulnerability": "VCID-3d1e-enaq-q3cx" }, { "vulnerability": "VCID-3s4n-twju-b3dw" }, { "vulnerability": "VCID-3whx-6t3e-7beq" }, { "vulnerability": "VCID-464a-typa-7qbu" }, { "vulnerability": "VCID-4hws-gtxr-3bge" }, { "vulnerability": "VCID-4m3j-qy8c-4uhk" }, { "vulnerability": "VCID-51f2-w9b7-9fb4" }, { "vulnerability": "VCID-57yv-ay7b-v7ev" }, { "vulnerability": "VCID-69ff-ngna-mkbv" }, { "vulnerability": "VCID-6h9f-6pmg-3fh3" }, { "vulnerability": "VCID-74y5-vcxn-2ygr" }, { "vulnerability": "VCID-782a-uast-nbch" }, { "vulnerability": "VCID-7bpp-2hvk-2udv" }, { "vulnerability": "VCID-7h3p-7ej2-17f1" }, { "vulnerability": "VCID-7rzw-9jj5-4ybk" }, { "vulnerability": "VCID-8d2w-3c3p-zqaz" }, { "vulnerability": "VCID-8tej-h12t-2fag" }, { "vulnerability": "VCID-9hqf-12yh-bkc8" }, { "vulnerability": "VCID-9p2f-ynzb-r3gj" }, { "vulnerability": "VCID-9q49-2srz-rkg7" }, { "vulnerability": "VCID-aasn-u7fd-8bhy" }, { "vulnerability": "VCID-ah8e-sxuu-jqcw" }, { "vulnerability": "VCID-ahha-vnq4-7qd2" }, { "vulnerability": "VCID-azzy-m5pc-qudn" }, { "vulnerability": "VCID-b5tz-9s1v-pkg7" }, { "vulnerability": "VCID-bejh-22y7-kuh6" }, { "vulnerability": "VCID-bk98-bfkg-7bdt" }, { "vulnerability": "VCID-bp8r-8jjt-hygw" }, { "vulnerability": "VCID-bz1e-1ypb-kkgg" }, { "vulnerability": "VCID-c9ds-faa9-t7be" }, { "vulnerability": "VCID-cbm2-cez4-bqgh" }, { "vulnerability": "VCID-cgfv-pps6-6khd" }, { "vulnerability": "VCID-d68t-f8j1-h3am" }, { "vulnerability": "VCID-drkd-yykc-ayge" }, { "vulnerability": "VCID-e9c3-5gws-u3fp" }, { "vulnerability": "VCID-eb6k-ppfd-m7a3" }, { "vulnerability": "VCID-ecde-c15q-ukh1" }, { "vulnerability": "VCID-eebz-xjem-cygz" }, { "vulnerability": "VCID-ek5d-m9pn-3fec" }, { "vulnerability": "VCID-ghaf-ynsg-uuea" }, { "vulnerability": "VCID-gvmn-4dtv-8qcj" }, { "vulnerability": "VCID-gxsm-qvkt-gygy" }, { "vulnerability": "VCID-hafa-bcpu-8uaj" }, { "vulnerability": "VCID-ked7-5tjg-nudx" }, { "vulnerability": "VCID-mm88-amve-quh6" }, { "vulnerability": "VCID-netm-9gxh-3yh4" }, { "vulnerability": "VCID-nuh8-qd25-ykan" }, { "vulnerability": "VCID-pdv9-xrh8-d3fz" }, { "vulnerability": "VCID-qh44-gavt-rbdw" }, { "vulnerability": "VCID-qp6y-dt1j-97df" }, { "vulnerability": "VCID-qpnt-xvgv-s3cq" }, { "vulnerability": "VCID-qqte-z1e6-xuh7" }, { "vulnerability": "VCID-qtp3-a1g7-8kgw" }, { "vulnerability": "VCID-qv3r-ppuc-zycz" }, { "vulnerability": "VCID-qxwq-xwaw-nyak" }, { "vulnerability": "VCID-r7q9-7u4b-83cz" }, { "vulnerability": "VCID-rhgj-t5cp-wkbh" }, { "vulnerability": "VCID-rsvx-3f49-v3an" }, { "vulnerability": "VCID-s3j9-1zq5-zkf5" }, { "vulnerability": "VCID-s9r4-a3uz-4yhp" }, { "vulnerability": "VCID-t53m-6vvr-27cf" }, { "vulnerability": "VCID-t9pa-yw9s-kqb9" }, { "vulnerability": "VCID-tazr-2qgq-77fy" }, { "vulnerability": "VCID-tn87-vke6-kuf6" }, { "vulnerability": "VCID-tyk2-gq2c-bbcn" }, { "vulnerability": "VCID-udew-3gre-13hy" }, { "vulnerability": "VCID-ugyh-dycm-3bc3" }, { "vulnerability": "VCID-vcq9-93xd-nfbe" }, { "vulnerability": "VCID-vf7b-s3y3-sfhw" }, { "vulnerability": "VCID-wc4g-sxyq-ubcd" }, { "vulnerability": "VCID-wj66-7n6c-9kam" }, { "vulnerability": "VCID-wtxh-xxp2-d3hr" }, { "vulnerability": "VCID-wy5v-dsp3-a7aa" }, { "vulnerability": "VCID-x9ej-7dcq-tub2" }, { "vulnerability": "VCID-xps8-1a3r-wke6" }, { "vulnerability": "VCID-ymhr-ads4-qqdp" }, { "vulnerability": "VCID-zm21-2pqq-3ker" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5" } ], "aliases": [ "CVE-2013-2877" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nrut-syek-s7fg" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5" }