Package Instance

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/issues/1634

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/issues/1634

reference_url

https://ubuntu.com/security/CVE-2017-5029

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://ubuntu.com/security/CVE-2017-5029

reference_url

https://ubuntu.com/security/notices/USN-3271-1

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://ubuntu.com/security/notices/USN-3271-1

reference_url	http://www.debian.org/security/2017/dsa-3810
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-3810

reference_url	http://www.securityfocus.com/bid/96767
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/96767

reference_url	http://www.securitytracker.com/id/1038157
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1038157

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1431033
reference_id	1431033
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1431033

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858546
reference_id	858546
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858546

reference_url	https://security.archlinux.org/ASA-201703-4
reference_id	ASA-201703-4
reference_type
scores
url	https://security.archlinux.org/ASA-201703-4

reference_url	https://security.archlinux.org/ASA-201703-5
reference_id	ASA-201703-5
reference_type
scores
url	https://security.archlinux.org/ASA-201703-5

reference_url

https://security.archlinux.org/AVG-195

reference_id

AVG-195

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-195

reference_url

https://security.archlinux.org/AVG-196

reference_id

AVG-196

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-196

reference_url

https://security.archlinux.org/AVG-197

reference_id

AVG-197

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-197

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
reference_id	cpe:2.3:a:google:chrome::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.29:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:-:::::::*
reference_id	cpe:2.3:o:apple:macos:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:::::::*
reference_id	cpe:2.3:o:google:android:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:::::::*
reference_id	cpe:2.3:o:linux:linux_kernel:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:::::::*
reference_id	cpe:2.3:o:microsoft:windows:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-5029

reference_id

CVE-2017-5029

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-5029

reference_url	https://security.gentoo.org/glsa/201804-01
reference_id	GLSA-201804-01
reference_type
scores
url	https://security.gentoo.org/glsa/201804-01

reference_url	https://access.redhat.com/errata/RHSA-2017:0499
reference_id	RHSA-2017:0499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0499

reference_url	https://usn.ubuntu.com/3236-1/
reference_id	USN-3236-1
reference_type
scores
url	https://usn.ubuntu.com/3236-1/

reference_url	https://usn.ubuntu.com/3271-1/
reference_id	USN-3271-1
reference_type
scores
url	https://usn.ubuntu.com/3271-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

purl pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2

aliases CVE-2017-5029, GHSA-pf6m-fxpq-fg8v

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3f2w-tgya-x3cc

url VCID-5nuu-a7bc-jke4

vulnerability_id VCID-5nuu-a7bc-jke4

summary libxslt: stack-based buffer overflow at exsltDateFormat()

references

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4608.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4608.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4608

reference_id

reference_type

scores

value	0.03375
scoring_system	epss
scoring_elements	0.8732
published_at	2026-04-01T12:55:00Z

value	0.03375
scoring_system	epss
scoring_elements	0.87391
published_at	2026-04-18T12:55:00Z

value	0.03375
scoring_system	epss
scoring_elements	0.87373
published_at	2026-04-13T12:55:00Z

value	0.03375
scoring_system	epss
scoring_elements	0.87388
published_at	2026-04-16T12:55:00Z

value	0.03375
scoring_system	epss
scoring_elements	0.87329
published_at	2026-04-02T12:55:00Z

value	0.03375
scoring_system	epss
scoring_elements	0.87345
published_at	2026-04-07T12:55:00Z

value	0.03375
scoring_system	epss
scoring_elements	0.87363
published_at	2026-04-08T12:55:00Z

value	0.03375
scoring_system	epss
scoring_elements	0.8737
published_at	2026-04-09T12:55:00Z

value	0.03375
scoring_system	epss
scoring_elements	0.87382
published_at	2026-04-11T12:55:00Z

value	0.03375
scoring_system	epss
scoring_elements	0.87377
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4608

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4608
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4608

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/

reference_url	https://support.apple.com/HT206899
reference_id
reference_type
scores
url	https://support.apple.com/HT206899

reference_url	https://support.apple.com/HT206901
reference_id
reference_type
scores
url	https://support.apple.com/HT206901

reference_url	https://support.apple.com/HT206902
reference_id
reference_type
scores
url	https://support.apple.com/HT206902

reference_url	https://support.apple.com/HT206903
reference_id
reference_type
scores
url	https://support.apple.com/HT206903

reference_url	https://support.apple.com/HT206904
reference_id
reference_type
scores
url	https://support.apple.com/HT206904

reference_url	https://support.apple.com/HT206905
reference_id
reference_type
scores
url	https://support.apple.com/HT206905

reference_url	http://www.securityfocus.com/bid/91826
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91826

reference_url	http://www.securitytracker.com/id/1036348
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036348

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1716454
reference_id	1716454
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1716454

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud::::::::
reference_id	cpe:2.3:a:apple:icloud::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes::::::::
reference_id	cpe:2.3:a:apple:itunes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::
reference_id	cpe:2.3:a:xmlsoft:libxslt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
reference_id	cpe:2.3:o:apple:iphone_os::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
reference_id	cpe:2.3:o:apple:tvos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
reference_id	cpe:2.3:o:apple:watchos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:::::::*
reference_id	cpe:2.3:o:microsoft:windows:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4608

reference_id

CVE-2016-4608

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4608

fixed_packages

url pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

purl pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2

aliases CVE-2016-4608

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5nuu-a7bc-jke4

url VCID-5uqv-dm9p-c7c6

vulnerability_id VCID-5uqv-dm9p-c7c6

summary

Improper Restriction of Operations within the Bounds of a Memory Buffer
nokogiri mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.

references

reference_url	http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
reference_id
reference_type
scores
url	http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1683.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1683.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1683

reference_id

reference_type

scores

value	0.00989
scoring_system	epss
scoring_elements	0.76908
published_at	2026-04-18T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76903
published_at	2026-04-16T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76801
published_at	2026-04-01T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76805
published_at	2026-04-02T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76834
published_at	2026-04-04T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76815
published_at	2026-04-07T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76846
published_at	2026-04-08T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76857
published_at	2026-04-09T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76885
published_at	2026-04-11T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76865
published_at	2026-04-12T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76859
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1683

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1340016
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1340016

reference_url	https://crbug.com/583156
reference_id
reference_type
scores
url	https://crbug.com/583156

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695

reference_url	https://git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242
reference_id
reference_type
scores
url	https://git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/

reference_url	https://support.apple.com/HT206899
reference_id
reference_type
scores
url	https://support.apple.com/HT206899

reference_url	https://support.apple.com/HT206901
reference_id
reference_type
scores
url	https://support.apple.com/HT206901

reference_url	https://support.apple.com/HT206902
reference_id
reference_type
scores
url	https://support.apple.com/HT206902

reference_url	https://support.apple.com/HT206903
reference_id
reference_type
scores
url	https://support.apple.com/HT206903

reference_url	https://support.apple.com/HT206904
reference_id
reference_type
scores
url	https://support.apple.com/HT206904

reference_url	https://support.apple.com/HT206905
reference_id
reference_type
scores
url	https://support.apple.com/HT206905

reference_url	http://www.debian.org/security/2016/dsa-3590
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3590

reference_url	http://www.debian.org/security/2016/dsa-3605
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3605

reference_url	http://www.securityfocus.com/bid/90876
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90876

reference_url	http://www.securityfocus.com/bid/91826
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91826

reference_url	http://www.securitytracker.com/id/1035981
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035981

reference_url	http://www.ubuntu.com/usn/USN-2992-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2992-1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
reference_id	cpe:2.3:a:google:chrome::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::
reference_id	cpe:2.3:a:xmlsoft:libxslt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

reference_id

CVE-2016-1683

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1684

reference_url	https://security.gentoo.org/glsa/201607-07
reference_id	GLSA-201607-07
reference_type
scores
url	https://security.gentoo.org/glsa/201607-07

reference_url	https://access.redhat.com/errata/RHSA-2016:1190
reference_id	RHSA-2016:1190
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1190

reference_url	https://usn.ubuntu.com/2992-1/
reference_id	USN-2992-1
reference_type
scores
url	https://usn.ubuntu.com/2992-1/

reference_url	https://usn.ubuntu.com/3271-1/
reference_id	USN-3271-1
reference_type
scores
url	https://usn.ubuntu.com/3271-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

purl pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2

aliases CVE-2016-1683

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5uqv-dm9p-c7c6

url VCID-6ss1-s8fx-vqd7

vulnerability_id VCID-6ss1-s8fx-vqd7

summary

Multiple vulnerabilities have been found in the Chromium web
    browser, the worst of which allows remote attackers to execute arbitrary
    code.

references

reference_url	http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
reference_id
reference_type
scores
url	http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1684.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1684.json

reference_url

reference_id

reference_type

scores

value	0.00866
scoring_system	epss
scoring_elements	0.75161
published_at	2026-04-18T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75154
published_at	2026-04-16T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75074
published_at	2026-04-01T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75076
published_at	2026-04-02T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75106
published_at	2026-04-04T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75082
published_at	2026-04-07T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75116
published_at	2026-04-08T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75128
published_at	2026-04-12T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.7515
published_at	2026-04-11T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75117
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1684

reference_url	https://crbug.com/583171
reference_id
reference_type
scores
url	https://crbug.com/583171

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695

reference_url	https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d
reference_id
reference_type
scores
url	https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/

reference_url	https://support.apple.com/HT206899
reference_id
reference_type
scores
url	https://support.apple.com/HT206899

reference_url	https://support.apple.com/HT206901
reference_id
reference_type
scores
url	https://support.apple.com/HT206901

reference_url	https://support.apple.com/HT206902
reference_id
reference_type
scores
url	https://support.apple.com/HT206902

reference_url	https://support.apple.com/HT206903
reference_id
reference_type
scores
url	https://support.apple.com/HT206903

reference_url	https://support.apple.com/HT206904
reference_id
reference_type
scores
url	https://support.apple.com/HT206904

reference_url	https://support.apple.com/HT206905
reference_id
reference_type
scores
url	https://support.apple.com/HT206905

reference_url	http://www.debian.org/security/2016/dsa-3590
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3590

reference_url	http://www.debian.org/security/2016/dsa-3605
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3605

reference_url	http://www.securityfocus.com/bid/90876
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90876

reference_url	http://www.securitytracker.com/id/1035981
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035981

reference_url	http://www.ubuntu.com/usn/USN-2992-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2992-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1340017
reference_id	1340017
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1340017

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
reference_id	cpe:2.3:a:google:chrome::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::
reference_id	cpe:2.3:a:xmlsoft:libxslt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::

reference_url

reference_id

CVE-2016-1684

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html

reference_url	https://security.gentoo.org/glsa/201607-07
reference_id	GLSA-201607-07
reference_type
scores
url	https://security.gentoo.org/glsa/201607-07

reference_url	https://access.redhat.com/errata/RHSA-2016:1190
reference_id	RHSA-2016:1190
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1190

reference_url	https://usn.ubuntu.com/2992-1/
reference_id	USN-2992-1
reference_type
scores
url	https://usn.ubuntu.com/2992-1/

reference_url	https://usn.ubuntu.com/3271-1/
reference_id	USN-3271-1
reference_type
scores
url	https://usn.ubuntu.com/3271-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

purl pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2

aliases CVE-2016-1684

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ss1-s8fx-vqd7

url VCID-96v6-vs1m-skf3

vulnerability_id VCID-96v6-vs1m-skf3

summary

Improper Input Validation
In `numbers.c` in libxslt, which is used by nokogiri, a type holding grouping characters of an `xsl:number` instruction was too narrow and an invalid character/length combination could be passed to `xsltNumberFormatDecimal`, leading to a read of uninitialized stack data.

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13118.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13118.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13118

reference_id

reference_type

scores

value	0.01008
scoring_system	epss
scoring_elements	0.77103
published_at	2026-04-18T12:55:00Z

value	0.01008
scoring_system	epss
scoring_elements	0.77101
published_at	2026-04-16T12:55:00Z

value	0.01027
scoring_system	epss
scoring_elements	0.77276
published_at	2026-04-08T12:55:00Z

value	0.01027
scoring_system	epss
scoring_elements	0.77285
published_at	2026-04-09T12:55:00Z

value	0.01027
scoring_system	epss
scoring_elements	0.77289
published_at	2026-04-13T12:55:00Z

value	0.01027
scoring_system	epss
scoring_elements	0.77313
published_at	2026-04-11T12:55:00Z

value	0.01027
scoring_system	epss
scoring_elements	0.77292
published_at	2026-04-12T12:55:00Z

value	0.01027
scoring_system	epss
scoring_elements	0.77228
published_at	2026-04-01T12:55:00Z

value	0.01027
scoring_system	epss
scoring_elements	0.77235
published_at	2026-04-02T12:55:00Z

value	0.01027
scoring_system	epss
scoring_elements	0.77263
published_at	2026-04-04T12:55:00Z

value	0.01027
scoring_system	epss
scoring_elements	0.77245
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13118

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13118
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13118

reference_url

http://seclists.org/fulldisclosure/2019/Aug/11

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/Aug/11

reference_url

http://seclists.org/fulldisclosure/2019/Aug/13

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/Aug/13

reference_url

http://seclists.org/fulldisclosure/2019/Aug/14

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/Aug/14

reference_url

http://seclists.org/fulldisclosure/2019/Aug/15

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/Aug/15

reference_url

http://seclists.org/fulldisclosure/2019/Jul/22

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/Jul/22

reference_url

http://seclists.org/fulldisclosure/2019/Jul/23

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/Jul/23

reference_url

http://seclists.org/fulldisclosure/2019/Jul/24

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/Jul/24

reference_url

http://seclists.org/fulldisclosure/2019/Jul/26

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/Jul/26

reference_url

http://seclists.org/fulldisclosure/2019/Jul/31

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/Jul/31

reference_url

http://seclists.org/fulldisclosure/2019/Jul/37

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/Jul/37

reference_url

http://seclists.org/fulldisclosure/2019/Jul/38

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2019/Jul/38

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/sparklemotion/nokogiri/blob/f7aa3b0b29d6fe5fafe93dacd9b96b6b3d16b7ec/CHANGELOG.md?plain=1#L796

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/blob/f7aa3b0b29d6fe5fafe93dacd9b96b6b3d16b7ec/CHANGELOG.md?plain=1#L796

reference_url

https://github.com/sparklemotion/nokogiri/commit/43a175339b47b8c604508813fc75b83f13cd173e

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/commit/43a175339b47b8c604508813fc75b83f13cd173e

reference_url

https://github.com/sparklemotion/nokogiri/issues/1943

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/issues/1943

reference_url

https://github.com/sparklemotion/nokogiri/releases/tag/v1.10.5

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/releases/tag/v1.10.5

reference_url

https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b

reference_url

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/

reference_url

https://oss-fuzz.com/testcase-detail/5197371471822848

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://oss-fuzz.com/testcase-detail/5197371471822848

reference_url

https://seclists.org/bugtraq/2019/Aug/21

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://seclists.org/bugtraq/2019/Aug/21

reference_url

https://seclists.org/bugtraq/2019/Aug/22

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://seclists.org/bugtraq/2019/Aug/22

reference_url

https://seclists.org/bugtraq/2019/Aug/23

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://seclists.org/bugtraq/2019/Aug/23

reference_url

https://seclists.org/bugtraq/2019/Aug/25

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://seclists.org/bugtraq/2019/Aug/25

reference_url

https://seclists.org/bugtraq/2019/Jul/35

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://seclists.org/bugtraq/2019/Jul/35

reference_url

https://seclists.org/bugtraq/2019/Jul/36

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://seclists.org/bugtraq/2019/Jul/36

reference_url

https://seclists.org/bugtraq/2019/Jul/37

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://seclists.org/bugtraq/2019/Jul/37

reference_url

https://seclists.org/bugtraq/2019/Jul/40

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://seclists.org/bugtraq/2019/Jul/40

reference_url

https://seclists.org/bugtraq/2019/Jul/41

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://seclists.org/bugtraq/2019/Jul/41

reference_url

https://seclists.org/bugtraq/2019/Jul/42

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://seclists.org/bugtraq/2019/Jul/42

reference_url

https://security.netapp.com/advisory/ntap-20190806-0004

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190806-0004

reference_url	https://security.netapp.com/advisory/ntap-20190806-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190806-0004/

reference_url

https://security.netapp.com/advisory/ntap-20200122-0003

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200122-0003

reference_url	https://security.netapp.com/advisory/ntap-20200122-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200122-0003/

reference_url

https://support.apple.com/kb/HT210346

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.apple.com/kb/HT210346

reference_url

https://support.apple.com/kb/HT210348

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.apple.com/kb/HT210348

reference_url

https://support.apple.com/kb/HT210351

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.apple.com/kb/HT210351

reference_url

https://support.apple.com/kb/HT210353

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.apple.com/kb/HT210353

reference_url

https://support.apple.com/kb/HT210356

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.apple.com/kb/HT210356

reference_url

https://support.apple.com/kb/HT210357

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.apple.com/kb/HT210357

reference_url

https://support.apple.com/kb/HT210358

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://support.apple.com/kb/HT210358

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

http://www.openwall.com/lists/oss-security/2019/11/17/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2019/11/17/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1728541
reference_id	1728541
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1728541

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931320
reference_id	931320
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931320

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-13118

reference_id

CVE-2019-13118

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-13118

reference_url

https://github.com/advisories/GHSA-cf46-6xxh-pc75

reference_id

GHSA-cf46-6xxh-pc75

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cf46-6xxh-pc75

reference_url	https://usn.ubuntu.com/4164-1/
reference_id	USN-4164-1
reference_type
scores
url	https://usn.ubuntu.com/4164-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1

purl pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1

aliases CVE-2019-13118, GHSA-cf46-6xxh-pc75

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96v6-vs1m-skf3

url VCID-aauj-xkdy-mbea

vulnerability_id VCID-aauj-xkdy-mbea

summary libxslt: Type confusion in xmlNode.psvi between stylesheet and source nodes

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7424.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7424.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-7424

reference_id

reference_type

scores

value	0.00088
scoring_system	epss
scoring_elements	0.25157
published_at	2026-04-18T12:55:00Z

value	0.00088
scoring_system	epss
scoring_elements	0.25167
published_at	2026-04-16T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26562
published_at	2026-04-13T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.2666
published_at	2026-04-09T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26665
published_at	2026-04-11T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.2662
published_at	2026-04-12T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26542
published_at	2026-04-07T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.2661
published_at	2026-04-08T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.30152
published_at	2026-04-02T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.30199
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-7424

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7424
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7424

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109123
reference_id	1109123
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109123

reference_url

https://gitlab.gnome.org/GNOME/libxslt/-/issues/139

reference_id

139

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/

url

https://gitlab.gnome.org/GNOME/libxslt/-/issues/139

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2379228

reference_id

2379228

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2379228

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
reference_id	cpe:/a:redhat:hummingbird:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-7424

reference_id

CVE-2025-7424

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/

url

https://access.redhat.com/security/cve/CVE-2025-7424

reference_url

https://access.redhat.com/errata/RHBA-2025:12345

reference_id

RHBA-2025:12345

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/

url

https://access.redhat.com/errata/RHBA-2025:12345

reference_url	https://usn.ubuntu.com/7945-1/
reference_id	USN-7945-1
reference_type
scores
url	https://usn.ubuntu.com/7945-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3

purl pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-qpxw-q3mc-xfhz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3

aliases CVE-2025-7424

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aauj-xkdy-mbea

url VCID-bg26-kj9r-7bea

vulnerability_id VCID-bg26-kj9r-7bea

summary libxslt: Invalid memory access leading to DoS at exsltDynMapFunction()

references

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4610.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4610.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4610

reference_id

reference_type

scores

value	0.0559
scoring_system	epss
scoring_elements	0.90262
published_at	2026-04-01T12:55:00Z

value	0.0559
scoring_system	epss
scoring_elements	0.90322
published_at	2026-04-18T12:55:00Z

value	0.0559
scoring_system	epss
scoring_elements	0.90312
published_at	2026-04-12T12:55:00Z

value	0.0559
scoring_system	epss
scoring_elements	0.90307
published_at	2026-04-13T12:55:00Z

value	0.0559
scoring_system	epss
scoring_elements	0.90265
published_at	2026-04-02T12:55:00Z

value	0.0559
scoring_system	epss
scoring_elements	0.90279
published_at	2026-04-04T12:55:00Z

value	0.0559
scoring_system	epss
scoring_elements	0.90284
published_at	2026-04-07T12:55:00Z

value	0.0559
scoring_system	epss
scoring_elements	0.90298
published_at	2026-04-08T12:55:00Z

value	0.0559
scoring_system	epss
scoring_elements	0.90306
published_at	2026-04-09T12:55:00Z

value	0.0559
scoring_system	epss
scoring_elements	0.90313
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4610

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4610
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4610

reference_url	https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/

reference_url	https://support.apple.com/HT206899
reference_id
reference_type
scores
url	https://support.apple.com/HT206899

reference_url	https://support.apple.com/HT206901
reference_id
reference_type
scores
url	https://support.apple.com/HT206901

reference_url	https://support.apple.com/HT206902
reference_id
reference_type
scores
url	https://support.apple.com/HT206902

reference_url	https://support.apple.com/HT206903
reference_id
reference_type
scores
url	https://support.apple.com/HT206903

reference_url	https://support.apple.com/HT206904
reference_id
reference_type
scores
url	https://support.apple.com/HT206904

reference_url	https://support.apple.com/HT206905
reference_id
reference_type
scores
url	https://support.apple.com/HT206905

reference_url	http://www.securityfocus.com/bid/91826
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91826

reference_url	http://www.securitytracker.com/id/1036348
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036348

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1716448
reference_id	1716448
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1716448

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud::::::::
reference_id	cpe:2.3:a:apple:icloud::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes::::::::
reference_id	cpe:2.3:a:apple:itunes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::
reference_id	cpe:2.3:a:xmlsoft:libxslt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
reference_id	cpe:2.3:o:apple:iphone_os::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
reference_id	cpe:2.3:o:apple:tvos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
reference_id	cpe:2.3:o:apple:watchos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:::::::*
reference_id	cpe:2.3:o:microsoft:windows:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4610

reference_id

CVE-2016-4610

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4610

fixed_packages

url pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

purl pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2

aliases CVE-2016-4610

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bg26-kj9r-7bea

url VCID-jaep-1ut3-9qan

vulnerability_id VCID-jaep-1ut3-9qan

summary libxslt: Use-After-Free in libxslt numbers.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-24855

reference_id

reference_type

scores

value	0.00049
scoring_system	epss
scoring_elements	0.15193
published_at	2026-04-18T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15337
published_at	2026-04-12T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15272
published_at	2026-04-13T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15187
published_at	2026-04-16T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15404
published_at	2026-04-02T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15473
published_at	2026-04-04T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15277
published_at	2026-04-07T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15365
published_at	2026-04-08T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15415
published_at	2026-04-09T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15377
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-24855

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566
reference_id	1100566
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2352483
reference_id	2352483
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2352483

reference_url	https://access.redhat.com/errata/RHSA-2025:3107
reference_id	RHSA-2025:3107
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3107

reference_url	https://access.redhat.com/errata/RHSA-2025:3389
reference_id	RHSA-2025:3389
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3389

reference_url	https://access.redhat.com/errata/RHSA-2025:3528
reference_id	RHSA-2025:3528
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3528

reference_url	https://access.redhat.com/errata/RHSA-2025:3615
reference_id	RHSA-2025:3615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3615

reference_url	https://access.redhat.com/errata/RHSA-2025:3619
reference_id	RHSA-2025:3619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3619

reference_url	https://access.redhat.com/errata/RHSA-2025:3624
reference_id	RHSA-2025:3624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3624

reference_url	https://access.redhat.com/errata/RHSA-2025:3625
reference_id	RHSA-2025:3625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3625

reference_url	https://access.redhat.com/errata/RHSA-2025:3626
reference_id	RHSA-2025:3626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3626

reference_url	https://access.redhat.com/errata/RHSA-2025:3627
reference_id	RHSA-2025:3627
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3627

reference_url	https://access.redhat.com/errata/RHSA-2025:4098
reference_id	RHSA-2025:4098
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4098

reference_url	https://access.redhat.com/errata/RHSA-2025:4422
reference_id	RHSA-2025:4422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4422

reference_url	https://access.redhat.com/errata/RHSA-2025:4427
reference_id	RHSA-2025:4427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4427

reference_url	https://access.redhat.com/errata/RHSA-2025:4431
reference_id	RHSA-2025:4431
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4431

reference_url	https://access.redhat.com/errata/RHSA-2025:4677
reference_id	RHSA-2025:4677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4677

reference_url	https://access.redhat.com/errata/RHSA-2025:4731
reference_id	RHSA-2025:4731
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4731

reference_url	https://access.redhat.com/errata/RHSA-2025:7496
reference_id	RHSA-2025:7496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7496

reference_url	https://access.redhat.com/errata/RHSA-2025:7702
reference_id	RHSA-2025:7702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7702

reference_url	https://access.redhat.com/errata/RHSA-2025:8303
reference_id	RHSA-2025:8303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8303

reference_url	https://usn.ubuntu.com/7361-1/
reference_id	USN-7361-1
reference_type
scores
url	https://usn.ubuntu.com/7361-1/

reference_url	https://usn.ubuntu.com/7787-1/
reference_id	USN-7787-1
reference_type
scores
url	https://usn.ubuntu.com/7787-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3

purl pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-qpxw-q3mc-xfhz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3

aliases CVE-2025-24855

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jaep-1ut3-9qan

url VCID-krjm-wk6b-akgk

vulnerability_id VCID-krjm-wk6b-akgk

summary security update

references

reference_url	http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00123.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00123.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7995.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7995.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-7995

reference_id

reference_type

scores

value	0.0137
scoring_system	epss
scoring_elements	0.80245
published_at	2026-04-18T12:55:00Z

value	0.0137
scoring_system	epss
scoring_elements	0.80206
published_at	2026-04-08T12:55:00Z

value	0.0137
scoring_system	epss
scoring_elements	0.80215
published_at	2026-04-13T12:55:00Z

value	0.0137
scoring_system	epss
scoring_elements	0.80235
published_at	2026-04-11T12:55:00Z

value	0.0137
scoring_system	epss
scoring_elements	0.8022
published_at	2026-04-12T12:55:00Z

value	0.0137
scoring_system	epss
scoring_elements	0.80243
published_at	2026-04-16T12:55:00Z

value	0.0137
scoring_system	epss
scoring_elements	0.80179
published_at	2026-04-07T12:55:00Z

value	0.01408
scoring_system	epss
scoring_elements	0.80435
published_at	2026-04-02T12:55:00Z

value	0.01408
scoring_system	epss
scoring_elements	0.80456
published_at	2026-04-04T12:55:00Z

value	0.01408
scoring_system	epss
scoring_elements	0.80429
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-7995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617
reference_id
reference_type
scores
url	https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380

reference_url	https://puppet.com/security/cve/cve-2015-7995
reference_id
reference_type
scores
url	https://puppet.com/security/cve/cve-2015-7995

reference_url	https://support.apple.com/HT205729
reference_id
reference_type
scores
url	https://support.apple.com/HT205729

reference_url	https://support.apple.com/HT205731
reference_id
reference_type
scores
url	https://support.apple.com/HT205731

reference_url	https://support.apple.com/HT205732
reference_id
reference_type
scores
url	https://support.apple.com/HT205732

reference_url	https://support.apple.com/HT206168
reference_id
reference_type
scores
url	https://support.apple.com/HT206168

reference_url	http://www.debian.org/security/2016/dsa-3605
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3605

reference_url	http://www.openwall.com/lists/oss-security/2015/10/27/10
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2015/10/27/10

reference_url	http://www.openwall.com/lists/oss-security/2015/10/28/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2015/10/28/4

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

reference_url	http://www.securityfocus.com/bid/77325
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/77325

reference_url	http://www.securitytracker.com/id/1034736
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034736

reference_url	http://www.securitytracker.com/id/1038623
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1038623

reference_url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.386546
reference_id
reference_type
scores
url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.386546

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1257962
reference_id	1257962
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1257962

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802971
reference_id	802971
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802971

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::
reference_id	cpe:2.3:a:xmlsoft:libxslt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
reference_id	cpe:2.3:o:apple:iphone_os::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
reference_id	cpe:2.3:o:apple:tvos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
reference_id	cpe:2.3:o:apple:watchos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::

reference_url

reference_id

CVE-2015-7995

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1841.json

reference_url	https://usn.ubuntu.com/3271-1/
reference_id	USN-3271-1
reference_type
scores
url	https://usn.ubuntu.com/3271-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

purl pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2

aliases CVE-2015-7995

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-krjm-wk6b-akgk

url VCID-m4cf-2dcq-uyaj

vulnerability_id VCID-m4cf-2dcq-uyaj

summary libxslt: Use after free in xsltDocumentFunctionLoadDocument

references

reference_url	http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/May/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/May/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/May/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/May/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2016/May/msg00004.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/May/msg00004.html

reference_url

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1841.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1841

reference_id

reference_type

scores

value	0.01678
scoring_system	epss
scoring_elements	0.82098
published_at	2026-04-01T12:55:00Z

value	0.01678
scoring_system	epss
scoring_elements	0.82203
published_at	2026-04-18T12:55:00Z

value	0.01678
scoring_system	epss
scoring_elements	0.82171
published_at	2026-04-12T12:55:00Z

value	0.01678
scoring_system	epss
scoring_elements	0.82165
published_at	2026-04-13T12:55:00Z

value	0.01678
scoring_system	epss
scoring_elements	0.8211
published_at	2026-04-02T12:55:00Z

value	0.01678
scoring_system	epss
scoring_elements	0.82131
published_at	2026-04-04T12:55:00Z

value	0.01678
scoring_system	epss
scoring_elements	0.82127
published_at	2026-04-07T12:55:00Z

value	0.01678
scoring_system	epss
scoring_elements	0.82153
published_at	2026-04-08T12:55:00Z

value	0.01678
scoring_system	epss
scoring_elements	0.82161
published_at	2026-04-09T12:55:00Z

value	0.01678
scoring_system	epss
scoring_elements	0.82179
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1841

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/

reference_url	https://support.apple.com/HT206564
reference_id
reference_type
scores
url	https://support.apple.com/HT206564

reference_url	https://support.apple.com/HT206566
reference_id
reference_type
scores
url	https://support.apple.com/HT206566

reference_url	https://support.apple.com/HT206567
reference_id
reference_type
scores
url	https://support.apple.com/HT206567

reference_url	https://support.apple.com/HT206568
reference_id
reference_type
scores
url	https://support.apple.com/HT206568

reference_url	http://www.securityfocus.com/bid/90691
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90691

reference_url	http://www.securitytracker.com/id/1035890
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035890

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1393780
reference_id	1393780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1393780

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
reference_id	cpe:2.3:o:apple:iphone_os::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
reference_id	cpe:2.3:o:apple:tvos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
reference_id	cpe:2.3:o:apple:watchos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1841

reference_id

CVE-2016-1841

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1841

reference_url	https://usn.ubuntu.com/3271-1/
reference_id	USN-3271-1
reference_type
scores
url	https://usn.ubuntu.com/3271-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

purl pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2

aliases CVE-2016-1841

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m4cf-2dcq-uyaj

url VCID-nxyn-eknv-tqbf

vulnerability_id VCID-nxyn-eknv-tqbf

summary

Use After Free
Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-30560

reference_id

reference_type

scores

value	0.00084
scoring_system	epss
scoring_elements	0.24478
published_at	2026-04-08T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24446
published_at	2026-04-18T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24451
published_at	2026-04-16T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24479
published_at	2026-04-01T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24436
published_at	2026-04-13T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24493
published_at	2026-04-12T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24537
published_at	2026-04-11T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24634
published_at	2026-04-04T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24409
published_at	2026-04-07T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24522
published_at	2026-04-09T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24597
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-30560

reference_url

https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html

reference_url

https://crbug.com/1219209

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://crbug.com/1219209

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-30560.yml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-30560.yml

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2

reference_url

https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html

reference_url

https://www.debian.org/security/2022/dsa-5216

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2022/dsa-5216

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079
reference_id	990079
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079

reference_url	https://security.archlinux.org/ASA-202107-30
reference_id	ASA-202107-30
reference_type
scores
url	https://security.archlinux.org/ASA-202107-30

reference_url	https://security.archlinux.org/ASA-202107-31
reference_id	ASA-202107-31
reference_type
scores
url	https://security.archlinux.org/ASA-202107-31

reference_url

https://security.archlinux.org/AVG-2166

reference_id

AVG-2166

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2166

reference_url

https://security.archlinux.org/AVG-2167

reference_id

AVG-2167

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2167

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-30560

reference_id

CVE-2021-30560

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-30560

reference_url

https://github.com/advisories/GHSA-59gp-qqm7-cw4j

reference_id

GHSA-59gp-qqm7-cw4j

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-59gp-qqm7-cw4j

reference_url

https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2

reference_id

GHSA-fq42-c5rg-92c2

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2

reference_url	https://security.gentoo.org/glsa/202107-49
reference_id	GLSA-202107-49
reference_type
scores
url	https://security.gentoo.org/glsa/202107-49

reference_url

https://security.gentoo.org/glsa/202310-23

reference_id

GLSA-202310-23

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/202310-23

reference_url	https://usn.ubuntu.com/5575-1/
reference_id	USN-5575-1
reference_type
scores
url	https://usn.ubuntu.com/5575-1/

reference_url	https://usn.ubuntu.com/5575-2/
reference_id	USN-5575-2
reference_type
scores
url	https://usn.ubuntu.com/5575-2/

fixed_packages

url pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1

purl pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-qpxw-q3mc-xfhz

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1

aliases CVE-2021-30560, GHSA-59gp-qqm7-cw4j

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nxyn-eknv-tqbf

url VCID-sxp3-vtcq-pugw

vulnerability_id VCID-sxp3-vtcq-pugw

summary

Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.

Nokogiri prior to version 1.10.5 contains a vulnerable version of libxslt. Nokogiri version 1.10.5 upgrades the dependency to libxslt 1.1.34, which contains a patch for this issue.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html

reference_url

https://access.redhat.com/errata/RHSA-2020:0514

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2020:0514

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18197.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18197.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-18197

reference_id

reference_type

scores

value	0.04534
scoring_system	epss
scoring_elements	0.89118
published_at	2026-04-01T12:55:00Z

value	0.04534
scoring_system	epss
scoring_elements	0.89183
published_at	2026-04-18T12:55:00Z

value	0.04534
scoring_system	epss
scoring_elements	0.89171
published_at	2026-04-13T12:55:00Z

value	0.04534
scoring_system	epss
scoring_elements	0.89173
published_at	2026-04-12T12:55:00Z

value	0.04534
scoring_system	epss
scoring_elements	0.89177
published_at	2026-04-11T12:55:00Z

value	0.04534
scoring_system	epss
scoring_elements	0.89167
published_at	2026-04-09T12:55:00Z

value	0.04534
scoring_system	epss
scoring_elements	0.89161
published_at	2026-04-08T12:55:00Z

value	0.04534
scoring_system	epss
scoring_elements	0.89143
published_at	2026-04-07T12:55:00Z

value	0.04534
scoring_system	epss
scoring_elements	0.89141
published_at	2026-04-04T12:55:00Z

value	0.04534
scoring_system	epss
scoring_elements	0.89126
published_at	2026-04-02T12:55:00Z

value	0.04534
scoring_system	epss
scoring_elements	0.89184
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-18197

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15746

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15746

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15768

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15768

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15914

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15914

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18197
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18197

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-18197.yml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-18197.yml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/blob/01ab95f3e37429ed8d3b380a8d2f73902eb325d9/CHANGELOG.md?plain=1#L934

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/blob/01ab95f3e37429ed8d3b380a8d2f73902eb325d9/CHANGELOG.md?plain=1#L934

reference_url

https://github.com/sparklemotion/nokogiri/issues/1943

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/issues/1943

reference_url

https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285

reference_url

https://lists.debian.org/debian-lts-announce/2019/10/msg00037.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/10/msg00037.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-18197

reference_id

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-18197

reference_url

https://security.netapp.com/advisory/ntap-20191031-0004

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191031-0004

reference_url	https://security.netapp.com/advisory/ntap-20191031-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191031-0004/

reference_url

https://security.netapp.com/advisory/ntap-20200416-0004

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200416-0004

reference_url	https://security.netapp.com/advisory/ntap-20200416-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200416-0004/

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url

http://www.openwall.com/lists/oss-security/2019/11/17/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2019/11/17/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1770768
reference_id	1770768
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1770768

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942646
reference_id	942646
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942646

reference_url	https://security.archlinux.org/ASA-202002-3
reference_id	ASA-202002-3
reference_type
scores
url	https://security.archlinux.org/ASA-202002-3

reference_url

https://security.archlinux.org/AVG-1092

reference_id

AVG-1092

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1092

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.33:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.33:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.33:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:::::::*
reference_id	cpe:2.3:o:linux:linux_kernel:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:::::::*

reference_url

https://github.com/advisories/GHSA-242x-7cm6-4w8j

reference_id

GHSA-242x-7cm6-4w8j

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-242x-7cm6-4w8j

reference_url	https://access.redhat.com/errata/RHSA-2020:4005
reference_id	RHSA-2020:4005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4005

reference_url	https://access.redhat.com/errata/RHSA-2020:4464
reference_id	RHSA-2020:4464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4464

reference_url	https://usn.ubuntu.com/4164-1/
reference_id	USN-4164-1
reference_type
scores
url	https://usn.ubuntu.com/4164-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1

purl pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-qpxw-q3mc-xfhz

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1

aliases CVE-2019-18197, GHSA-242x-7cm6-4w8j

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sxp3-vtcq-pugw

url VCID-tdt5-asvh-ryaa

vulnerability_id VCID-tdt5-asvh-ryaa

summary

Bypass of a protection mechanism in libxslt
The libxslt binary, which is included in nokogiri, allows bypass of a protection mechanism because callers of `xsltCheckRead` and `xsltCheckWrite` permit access even upon receiving a -1 error code. `xsltCheckRead` can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00048.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00048.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00052.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00052.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00053.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00053.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11068.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11068.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11068

reference_id

reference_type

scores

value	0.01127
scoring_system	epss
scoring_elements	0.78323
published_at	2026-04-18T12:55:00Z

value	0.01127
scoring_system	epss
scoring_elements	0.78238
published_at	2026-04-01T12:55:00Z

value	0.01127
scoring_system	epss
scoring_elements	0.78246
published_at	2026-04-02T12:55:00Z

value	0.01127
scoring_system	epss
scoring_elements	0.78277
published_at	2026-04-04T12:55:00Z

value	0.01127
scoring_system	epss
scoring_elements	0.78259
published_at	2026-04-07T12:55:00Z

value	0.01127
scoring_system	epss
scoring_elements	0.78285
published_at	2026-04-08T12:55:00Z

value	0.01127
scoring_system	epss
scoring_elements	0.78291
published_at	2026-04-09T12:55:00Z

value	0.01127
scoring_system	epss
scoring_elements	0.78317
published_at	2026-04-11T12:55:00Z

value	0.01127
scoring_system	epss
scoring_elements	0.783
published_at	2026-04-12T12:55:00Z

value	0.01127
scoring_system	epss
scoring_elements	0.78295
published_at	2026-04-13T12:55:00Z

value	0.01127
scoring_system	epss
scoring_elements	0.78324
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11068

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11068
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11068

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-11068.yml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-11068.yml

reference_url

https://github.com/sparklemotion/nokogiri/blob/f7aa3b0b29d6fe5fafe93dacd9b96b6b3d16b7ec/CHANGELOG.md?plain=1#L826

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/blob/f7aa3b0b29d6fe5fafe93dacd9b96b6b3d16b7ec/CHANGELOG.md?plain=1#L826

reference_url

https://github.com/sparklemotion/nokogiri/commit/fe034aedcc59b566740567d621843731686676b9

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/commit/fe034aedcc59b566740567d621843731686676b9

reference_url

https://github.com/sparklemotion/nokogiri/issues/1892

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/issues/1892

reference_url

https://github.com/sparklemotion/nokogiri/pull/1898

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/pull/1898

reference_url

https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6

reference_url

https://lists.debian.org/debian-lts-announce/2019/04/msg00016.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/04/msg00016.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/

reference_url

https://security.netapp.com/advisory/ntap-20191017-0001

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20191017-0001

reference_url	https://security.netapp.com/advisory/ntap-20191017-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191017-0001/

reference_url

https://usn.ubuntu.com/3947-1

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://usn.ubuntu.com/3947-1

reference_url	https://usn.ubuntu.com/3947-1/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/3947-1/

reference_url

https://usn.ubuntu.com/3947-2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://usn.ubuntu.com/3947-2

reference_url	https://usn.ubuntu.com/3947-2/
reference_id
reference_type
scores
url	https://usn.ubuntu.com/3947-2/

reference_url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

reference_url

http://www.openwall.com/lists/oss-security/2019/04/22/1

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2019/04/22/1

reference_url

http://www.openwall.com/lists/oss-security/2019/04/23/5

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2019/04/23/5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1709697
reference_id	1709697
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1709697

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926895
reference_id	926895
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926895

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*
reference_id	cpe:2.3:a:netapp:cloud_backup:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:element_software:-:::::::*
reference_id	cpe:2.3:a:netapp:element_software:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:element_software:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:::::vmware_vcenter::
reference_id	cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:::::vmware_vcenter::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:::::vmware_vcenter::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller::::::::
reference_id	cpe:2.3:a:netapp:e-series_santricity_os_controller::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:::::::*
reference_id	cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:::::::*
reference_id	cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:::::::*
reference_id	cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:hci_management_node:-:::::::*
reference_id	cpe:2.3:a:netapp:hci_management_node:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:hci_management_node:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_insight:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_id	cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:::::::*
reference_id	cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_unified_manager:-:::::::*
reference_id	cpe:2.3:a:netapp:santricity_unified_manager:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_unified_manager:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:-::::oracle::*
reference_id	cpe:2.3:a:netapp:snapmanager:-:-::::oracle::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:-::::oracle::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:::::sap::
reference_id	cpe:2.3:a:netapp:snapmanager:-:::::sap::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:::::sap::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:solidfire:-:::::::*
reference_id	cpe:2.3:a:netapp:solidfire:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:solidfire:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_id	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:8.0:update_221::::::
reference_id	cpe:2.3:a:oracle:jdk:8.0:update_221::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:8.0:update_221::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::
reference_id	cpe:2.3:a:xmlsoft:libxslt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11068

reference_id

CVE-2019-11068

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11068

reference_url	https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11068
reference_id	CVE-2019-11068
reference_type
scores
url	https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11068

reference_url	https://security-tracker.debian.org/tracker/CVE-2019-11068
reference_id	CVE-2019-11068
reference_type
scores
url	https://security-tracker.debian.org/tracker/CVE-2019-11068

reference_url

https://github.com/advisories/GHSA-qxcg-xjjg-66mj

reference_id

GHSA-qxcg-xjjg-66mj

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qxcg-xjjg-66mj

reference_url	https://access.redhat.com/errata/RHSA-2020:4005
reference_id	RHSA-2020:4005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4005

reference_url	https://access.redhat.com/errata/RHSA-2020:4464
reference_id	RHSA-2020:4464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4464

fixed_packages

url pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1

purl pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1

aliases CVE-2019-11068, GHSA-qxcg-xjjg-66mj

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tdt5-asvh-ryaa

url VCID-txm2-sdc1-7uch

vulnerability_id VCID-txm2-sdc1-7uch

summary

Improper Input Validation
In `numbers.c` in libxslt, which is used by nokogiri, an `xsl:number` with certain format strings could lead to an uninitialized read in `xsltNumberFormatInsertNumbers`. This could allow an attacker to discern whether a byte on the stack contains the characters `[AaIi0]`, or any other character.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13117.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13117.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-13117

reference_id

reference_type

scores

value	0.04376
scoring_system	epss
scoring_elements	0.88988
published_at	2026-04-18T12:55:00Z

value	0.04376
scoring_system	epss
scoring_elements	0.8899
published_at	2026-04-16T12:55:00Z

value	0.04457
scoring_system	epss
scoring_elements	0.89066
published_at	2026-04-09T12:55:00Z

value	0.04457
scoring_system	epss
scoring_elements	0.89072
published_at	2026-04-13T12:55:00Z

value	0.04457
scoring_system	epss
scoring_elements	0.89074
published_at	2026-04-12T12:55:00Z

value	0.04457
scoring_system	epss
scoring_elements	0.89078
published_at	2026-04-11T12:55:00Z

value	0.04457
scoring_system	epss
scoring_elements	0.89019
published_at	2026-04-01T12:55:00Z

value	0.04457
scoring_system	epss
scoring_elements	0.89027
published_at	2026-04-02T12:55:00Z

value	0.04457
scoring_system	epss
scoring_elements	0.89043
published_at	2026-04-04T12:55:00Z

value	0.04457
scoring_system	epss
scoring_elements	0.89044
published_at	2026-04-07T12:55:00Z

value	0.04457
scoring_system	epss
scoring_elements	0.89062
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-13117

reference_url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13117

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-13117.yml

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-13117.yml

reference_url

https://github.com/sparklemotion/nokogiri/issues/1943

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/issues/1943

reference_url

https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1

reference_url

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/

reference_url

https://oss-fuzz.com/testcase-detail/5631739747106816

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://oss-fuzz.com/testcase-detail/5631739747106816

reference_url

https://security.netapp.com/advisory/ntap-20190806-0004

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20190806-0004

reference_url	https://security.netapp.com/advisory/ntap-20190806-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190806-0004/

reference_url

https://security.netapp.com/advisory/ntap-20200122-0003

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20200122-0003

reference_url	https://security.netapp.com/advisory/ntap-20200122-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200122-0003/

reference_url

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpujan2020.html

reference_url

http://www.openwall.com/lists/oss-security/2019/11/17/2

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2019/11/17/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1728546
reference_id	1728546
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1728546

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931321
reference_id	931321
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931321

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-13117

reference_id

CVE-2019-13117

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-13117

reference_url

https://github.com/advisories/GHSA-4hm9-844j-jmxp

reference_id

GHSA-4hm9-844j-jmxp

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-4hm9-844j-jmxp

reference_url	https://usn.ubuntu.com/4164-1/
reference_id	USN-4164-1
reference_type
scores
url	https://usn.ubuntu.com/4164-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1

purl pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1

aliases CVE-2019-13117, GHSA-4hm9-844j-jmxp

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-txm2-sdc1-7uch

url VCID-wdxa-4bjj-7fe5

vulnerability_id VCID-wdxa-4bjj-7fe5

summary libxslt: Processing web content may disclose sensitive information

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40403.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40403.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-40403

reference_id

reference_type

scores

value	0.00108
scoring_system	epss
scoring_elements	0.29186
published_at	2026-04-04T12:55:00Z

value	0.00108
scoring_system	epss
scoring_elements	0.28996
published_at	2026-04-07T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30708
published_at	2026-04-09T12:55:00Z

value	0.00118
scoring_system	epss
scoring_elements	0.30676
published_at	2026-04-08T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31935
published_at	2026-04-02T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33476
published_at	2026-04-18T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.3353
published_at	2026-04-11T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33489
published_at	2026-04-12T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33465
published_at	2026-04-13T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33501
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-40403

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40403
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40403

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

http://seclists.org/fulldisclosure/2023/Oct/10

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

http://seclists.org/fulldisclosure/2023/Oct/10

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108074
reference_id	1108074
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108074

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2349766
reference_id	2349766
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2349766

reference_url

http://seclists.org/fulldisclosure/2023/Oct/3

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

http://seclists.org/fulldisclosure/2023/Oct/3

reference_url

http://seclists.org/fulldisclosure/2023/Oct/4

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

http://seclists.org/fulldisclosure/2023/Oct/4

reference_url

http://seclists.org/fulldisclosure/2023/Oct/5

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

http://seclists.org/fulldisclosure/2023/Oct/5

reference_url

http://seclists.org/fulldisclosure/2023/Oct/6

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

http://seclists.org/fulldisclosure/2023/Oct/6

reference_url

http://seclists.org/fulldisclosure/2023/Oct/8

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

http://seclists.org/fulldisclosure/2023/Oct/8

reference_url

http://seclists.org/fulldisclosure/2023/Oct/9

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

http://seclists.org/fulldisclosure/2023/Oct/9

reference_url

https://support.apple.com/en-us/HT213927

reference_id

HT213927

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

https://support.apple.com/en-us/HT213927

reference_url

https://support.apple.com/en-us/HT213931

reference_id

HT213931

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

https://support.apple.com/en-us/HT213931

reference_url

https://support.apple.com/en-us/HT213932

reference_id

HT213932

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

https://support.apple.com/en-us/HT213932

reference_url

https://support.apple.com/en-us/HT213936

reference_id

HT213936

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

https://support.apple.com/en-us/HT213936

reference_url

https://support.apple.com/en-us/HT213937

reference_id

HT213937

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

https://support.apple.com/en-us/HT213937

reference_url

https://support.apple.com/en-us/HT213938

reference_id

HT213938

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

https://support.apple.com/en-us/HT213938

reference_url

https://support.apple.com/en-us/HT213940

reference_id

HT213940

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/

url

https://support.apple.com/en-us/HT213940

reference_url	https://access.redhat.com/errata/RHSA-2025:8676
reference_id	RHSA-2025:8676
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8676

reference_url	https://access.redhat.com/errata/RHSA-2025:9016
reference_id	RHSA-2025:9016
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9016

reference_url	https://access.redhat.com/errata/RHSA-2026:6266
reference_id	RHSA-2026:6266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6266

reference_url	https://access.redhat.com/errata/RHSA-2026:6499
reference_id	RHSA-2026:6499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6499

reference_url	https://access.redhat.com/errata/RHSA-2026:7335
reference_id	RHSA-2026:7335
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7335

reference_url	https://access.redhat.com/errata/RHSA-2026:8746
reference_id	RHSA-2026:8746
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8746

reference_url	https://access.redhat.com/errata/RHSA-2026:8747
reference_id	RHSA-2026:8747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8747

reference_url	https://access.redhat.com/errata/RHSA-2026:8748
reference_id	RHSA-2026:8748
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8748

reference_url	https://usn.ubuntu.com/7600-1/
reference_id	USN-7600-1
reference_type
scores
url	https://usn.ubuntu.com/7600-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3

purl pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-qpxw-q3mc-xfhz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3

aliases CVE-2023-40403

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wdxa-4bjj-7fe5

url VCID-yx1j-ja6q-1qaf

vulnerability_id VCID-yx1j-ja6q-1qaf

summary

Multiple vulnerabilities were discovered in libxslt, the worst of
    which may allow a remote attacker to execute arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4738.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4738.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4738

reference_id

reference_type

scores

value	0.06117
scoring_system	epss
scoring_elements	0.90814
published_at	2026-04-18T12:55:00Z

value	0.06117
scoring_system	epss
scoring_elements	0.90791
published_at	2026-04-09T12:55:00Z

value	0.06117
scoring_system	epss
scoring_elements	0.90799
published_at	2026-04-12T12:55:00Z

value	0.06117
scoring_system	epss
scoring_elements	0.90796
published_at	2026-04-13T12:55:00Z

value	0.06117
scoring_system	epss
scoring_elements	0.90816
published_at	2026-04-16T12:55:00Z

value	0.06117
scoring_system	epss
scoring_elements	0.90774
published_at	2026-04-07T12:55:00Z

value	0.06117
scoring_system	epss
scoring_elements	0.90785
published_at	2026-04-08T12:55:00Z

value	0.06274
scoring_system	epss
scoring_elements	0.90882
published_at	2026-04-02T12:55:00Z

value	0.06274
scoring_system	epss
scoring_elements	0.90891
published_at	2026-04-04T12:55:00Z

value	0.06274
scoring_system	epss
scoring_elements	0.90877
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388777
reference_id	1388777
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388777

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842570
reference_id	842570
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842570

reference_url	https://security.gentoo.org/glsa/201804-01
reference_id	GLSA-201804-01
reference_type
scores
url	https://security.gentoo.org/glsa/201804-01

reference_url	https://usn.ubuntu.com/3271-1/
reference_id	USN-3271-1
reference_type
scores
url	https://usn.ubuntu.com/3271-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

purl pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2

aliases CVE-2016-4738

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yx1j-ja6q-1qaf

url VCID-z7hh-qpzy-c7b2

vulnerability_id VCID-z7hh-qpzy-c7b2

summary libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-55549

reference_id

reference_type

scores

value	0.0005
scoring_system	epss
scoring_elements	0.15569
published_at	2026-04-04T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15455
published_at	2026-04-08T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15368
published_at	2026-04-07T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15498
published_at	2026-04-02T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15824
published_at	2026-04-18T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15954
published_at	2026-04-12T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15886
published_at	2026-04-13T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15811
published_at	2026-04-16T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.16014
published_at	2026-04-09T12:55:00Z

value	0.00051
scoring_system	epss
scoring_elements	0.15992
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-55549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565
reference_id	1100565
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2352484
reference_id	2352484
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2352484

reference_url	https://access.redhat.com/errata/RHSA-2025:3613
reference_id	RHSA-2025:3613
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3613

reference_url	https://access.redhat.com/errata/RHSA-2025:3614
reference_id	RHSA-2025:3614
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3614

reference_url	https://access.redhat.com/errata/RHSA-2025:3615
reference_id	RHSA-2025:3615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3615

reference_url	https://access.redhat.com/errata/RHSA-2025:3619
reference_id	RHSA-2025:3619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3619

reference_url	https://access.redhat.com/errata/RHSA-2025:3624
reference_id	RHSA-2025:3624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3624

reference_url	https://access.redhat.com/errata/RHSA-2025:3625
reference_id	RHSA-2025:3625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3625

reference_url	https://access.redhat.com/errata/RHSA-2025:3626
reference_id	RHSA-2025:3626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3626

reference_url	https://access.redhat.com/errata/RHSA-2025:3627
reference_id	RHSA-2025:3627
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3627

reference_url	https://access.redhat.com/errata/RHSA-2025:4025
reference_id	RHSA-2025:4025
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4025

reference_url	https://access.redhat.com/errata/RHSA-2025:4098
reference_id	RHSA-2025:4098
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4098

reference_url	https://access.redhat.com/errata/RHSA-2025:4422
reference_id	RHSA-2025:4422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4422

reference_url	https://access.redhat.com/errata/RHSA-2025:4427
reference_id	RHSA-2025:4427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4427

reference_url	https://access.redhat.com/errata/RHSA-2025:4431
reference_id	RHSA-2025:4431
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4431

reference_url	https://access.redhat.com/errata/RHSA-2025:4677
reference_id	RHSA-2025:4677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4677

reference_url	https://access.redhat.com/errata/RHSA-2025:4731
reference_id	RHSA-2025:4731
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4731

reference_url	https://access.redhat.com/errata/RHSA-2025:7410
reference_id	RHSA-2025:7410
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7410

reference_url	https://access.redhat.com/errata/RHSA-2025:7496
reference_id	RHSA-2025:7496
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7496

reference_url	https://access.redhat.com/errata/RHSA-2025:7702
reference_id	RHSA-2025:7702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7702

reference_url	https://access.redhat.com/errata/RHSA-2025:8303
reference_id	RHSA-2025:8303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8303

reference_url	https://usn.ubuntu.com/7357-1/
reference_id	USN-7357-1
reference_type
scores
url	https://usn.ubuntu.com/7357-1/

reference_url	https://usn.ubuntu.com/7787-1/
reference_id	USN-7787-1
reference_type
scores
url	https://usn.ubuntu.com/7787-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3

purl pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-qpxw-q3mc-xfhz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3

aliases CVE-2024-55549

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z7hh-qpzy-c7b2

url VCID-zwzs-qztz-wbfj

vulnerability_id VCID-zwzs-qztz-wbfj

summary

Multiple vulnerabilities have been found in Chromium and Google
    Chrome, the worst of which could allow remote attackers to execute
    arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5815.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5815.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-5815

reference_id

reference_type

scores

value	0.00111
scoring_system	epss
scoring_elements	0.29542
published_at	2026-04-18T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29568
published_at	2026-04-16T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29549
published_at	2026-04-13T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29601
published_at	2026-04-12T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29673
published_at	2026-04-02T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29643
published_at	2026-04-09T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29543
published_at	2026-04-07T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29723
published_at	2026-04-04T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29606
published_at	2026-04-08T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29646
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-5815

reference_url	https://bugs.chromium.org/p/chromium/issues/detail?id=930663
reference_id
reference_type
scores
url	https://bugs.chromium.org/p/chromium/issues/detail?id=930663

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6503
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6503

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6504
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6504

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-5815.yml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-5815.yml

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/issues/2630

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/sparklemotion/nokogiri/issues/2630

reference_url

https://gitlab.gnome.org/GNOME/libxslt/commit/08b62c25871b38d5d573515ca8a065b4b8f64f6b

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://gitlab.gnome.org/GNOME/libxslt/commit/08b62c25871b38d5d573515ca8a065b4b8f64f6b

reference_url

https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-5815

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-5815

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1702905
reference_id	1702905
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1702905

reference_url	https://security.archlinux.org/ASA-201904-12
reference_id	ASA-201904-12
reference_type
scores
url	https://security.archlinux.org/ASA-201904-12

reference_url

https://security.archlinux.org/AVG-952

reference_id

AVG-952

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-952

reference_url

https://github.com/advisories/GHSA-vmfx-gcfq-wvm2

reference_id

GHSA-vmfx-gcfq-wvm2

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vmfx-gcfq-wvm2

reference_url	https://security.gentoo.org/glsa/201908-18
reference_id	GLSA-201908-18
reference_type
scores
url	https://security.gentoo.org/glsa/201908-18

reference_url	https://access.redhat.com/errata/RHSA-2019:1021
reference_id	RHSA-2019:1021
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1021

reference_url	https://usn.ubuntu.com/5575-1/
reference_id	USN-5575-1
reference_type
scores
url	https://usn.ubuntu.com/5575-1/

reference_url	https://usn.ubuntu.com/5575-2/
reference_id	USN-5575-2
reference_type
scores
url	https://usn.ubuntu.com/5575-2/

fixed_packages

url pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1

purl pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-qpxw-q3mc-xfhz

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1

aliases CVE-2019-5815, GHSA-vmfx-gcfq-wvm2

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zwzs-qztz-wbfj

Fixing_vulnerabilities

url VCID-5uqv-dm9p-c7c6

vulnerability_id VCID-5uqv-dm9p-c7c6

summary

Improper Restriction of Operations within the Bounds of a Memory Buffer
nokogiri mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.

references

reference_url	http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
reference_id
reference_type
scores
url	http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1683.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1683.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1683

reference_id

reference_type

scores

value	0.00989
scoring_system	epss
scoring_elements	0.76908
published_at	2026-04-18T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76903
published_at	2026-04-16T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76801
published_at	2026-04-01T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76805
published_at	2026-04-02T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76834
published_at	2026-04-04T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76815
published_at	2026-04-07T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76846
published_at	2026-04-08T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76857
published_at	2026-04-09T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76885
published_at	2026-04-11T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76865
published_at	2026-04-12T12:55:00Z

value	0.00989
scoring_system	epss
scoring_elements	0.76859
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1683

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1340016
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1340016

reference_url	https://crbug.com/583156
reference_id
reference_type
scores
url	https://crbug.com/583156

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695

reference_url	https://git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242
reference_id
reference_type
scores
url	https://git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/

reference_url	https://support.apple.com/HT206899
reference_id
reference_type
scores
url	https://support.apple.com/HT206899

reference_url	https://support.apple.com/HT206901
reference_id
reference_type
scores
url	https://support.apple.com/HT206901

reference_url	https://support.apple.com/HT206902
reference_id
reference_type
scores
url	https://support.apple.com/HT206902

reference_url	https://support.apple.com/HT206903
reference_id
reference_type
scores
url	https://support.apple.com/HT206903

reference_url	https://support.apple.com/HT206904
reference_id
reference_type
scores
url	https://support.apple.com/HT206904

reference_url	https://support.apple.com/HT206905
reference_id
reference_type
scores
url	https://support.apple.com/HT206905

reference_url	http://www.debian.org/security/2016/dsa-3590
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3590

reference_url	http://www.debian.org/security/2016/dsa-3605
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3605

reference_url	http://www.securityfocus.com/bid/90876
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90876

reference_url	http://www.securityfocus.com/bid/91826
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/91826

reference_url	http://www.securitytracker.com/id/1035981
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035981

reference_url	http://www.ubuntu.com/usn/USN-2992-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2992-1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
reference_id	cpe:2.3:a:google:chrome::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::
reference_id	cpe:2.3:a:xmlsoft:libxslt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_id	cpe:2.3:o:suse:linux_enterprise:12.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:::::::*

reference_url

reference_id

CVE-2016-1683

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1684

reference_url	https://security.gentoo.org/glsa/201607-07
reference_id	GLSA-201607-07
reference_type
scores
url	https://security.gentoo.org/glsa/201607-07

reference_url	https://access.redhat.com/errata/RHSA-2016:1190
reference_id	RHSA-2016:1190
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1190

reference_url	https://usn.ubuntu.com/2992-1/
reference_id	USN-2992-1
reference_type
scores
url	https://usn.ubuntu.com/2992-1/

reference_url	https://usn.ubuntu.com/3271-1/
reference_id	USN-3271-1
reference_type
scores
url	https://usn.ubuntu.com/3271-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.28-2%2Bdeb8u3

purl pkg:deb/debian/libxslt@1.1.28-2%2Bdeb8u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.28-2%252Bdeb8u3

url pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

purl pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2

aliases CVE-2016-1683

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5uqv-dm9p-c7c6

url VCID-6ss1-s8fx-vqd7

vulnerability_id VCID-6ss1-s8fx-vqd7

summary

Multiple vulnerabilities have been found in the Chromium web
    browser, the worst of which allows remote attackers to execute arbitrary
    code.

references

reference_url	http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
reference_id
reference_type
scores
url	http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1684.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1684.json

reference_url

reference_id

reference_type

scores

value	0.00866
scoring_system	epss
scoring_elements	0.75161
published_at	2026-04-18T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75154
published_at	2026-04-16T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75074
published_at	2026-04-01T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75076
published_at	2026-04-02T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75106
published_at	2026-04-04T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75082
published_at	2026-04-07T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75116
published_at	2026-04-08T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75128
published_at	2026-04-12T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.7515
published_at	2026-04-11T12:55:00Z

value	0.00866
scoring_system	epss
scoring_elements	0.75117
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1684

reference_url	https://crbug.com/583171
reference_id
reference_type
scores
url	https://crbug.com/583171

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695

reference_url	https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d
reference_id
reference_type
scores
url	https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/

reference_url	https://support.apple.com/HT206899
reference_id
reference_type
scores
url	https://support.apple.com/HT206899

reference_url	https://support.apple.com/HT206901
reference_id
reference_type
scores
url	https://support.apple.com/HT206901

reference_url	https://support.apple.com/HT206902
reference_id
reference_type
scores
url	https://support.apple.com/HT206902

reference_url	https://support.apple.com/HT206903
reference_id
reference_type
scores
url	https://support.apple.com/HT206903

reference_url	https://support.apple.com/HT206904
reference_id
reference_type
scores
url	https://support.apple.com/HT206904

reference_url	https://support.apple.com/HT206905
reference_id
reference_type
scores
url	https://support.apple.com/HT206905

reference_url	http://www.debian.org/security/2016/dsa-3590
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3590

reference_url	http://www.debian.org/security/2016/dsa-3605
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3605

reference_url	http://www.securityfocus.com/bid/90876
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90876

reference_url	http://www.securitytracker.com/id/1035981
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035981

reference_url	http://www.ubuntu.com/usn/USN-2992-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2992-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1340017
reference_id	1340017
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1340017

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
reference_id	cpe:2.3:a:google:chrome::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::
reference_id	cpe:2.3:a:xmlsoft:libxslt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::

reference_url

reference_id

CVE-2016-1684

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://api.first.org/data/v1/epss?cve=CVE-2015-7995

reference_url	https://security.gentoo.org/glsa/201607-07
reference_id	GLSA-201607-07
reference_type
scores
url	https://security.gentoo.org/glsa/201607-07

reference_url	https://access.redhat.com/errata/RHSA-2016:1190
reference_id	RHSA-2016:1190
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1190

reference_url	https://usn.ubuntu.com/2992-1/
reference_id	USN-2992-1
reference_type
scores
url	https://usn.ubuntu.com/2992-1/

reference_url	https://usn.ubuntu.com/3271-1/
reference_id	USN-3271-1
reference_type
scores
url	https://usn.ubuntu.com/3271-1/

fixed_packages

url pkg:deb/debian/libxslt@1.1.28-2%2Bdeb8u3

purl pkg:deb/debian/libxslt@1.1.28-2%2Bdeb8u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.28-2%252Bdeb8u3

url pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

purl pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2

aliases CVE-2016-1684

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ss1-s8fx-vqd7

url VCID-krjm-wk6b-akgk

vulnerability_id VCID-krjm-wk6b-akgk

summary security update

references

reference_url	http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00123.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00123.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7995.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7995.json

reference_url

reference_id

reference_type

scores

value	0.0137
scoring_system	epss
scoring_elements	0.80245
published_at	2026-04-18T12:55:00Z

value	0.0137
scoring_system	epss
scoring_elements	0.80206
published_at	2026-04-08T12:55:00Z

value	0.0137
scoring_system	epss
scoring_elements	0.80215
published_at	2026-04-13T12:55:00Z

value	0.0137
scoring_system	epss
scoring_elements	0.80235
published_at	2026-04-11T12:55:00Z

value	0.0137
scoring_system	epss
scoring_elements	0.8022
published_at	2026-04-12T12:55:00Z

value	0.0137
scoring_system	epss
scoring_elements	0.80243
published_at	2026-04-16T12:55:00Z

value	0.0137
scoring_system	epss
scoring_elements	0.80179
published_at	2026-04-07T12:55:00Z

value	0.01408
scoring_system	epss
scoring_elements	0.80435
published_at	2026-04-02T12:55:00Z

value	0.01408
scoring_system	epss
scoring_elements	0.80456
published_at	2026-04-04T12:55:00Z

value	0.01408
scoring_system	epss
scoring_elements	0.80429
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-7995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617
reference_id
reference_type
scores
url	https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380

reference_url	https://puppet.com/security/cve/cve-2015-7995
reference_id
reference_type
scores
url	https://puppet.com/security/cve/cve-2015-7995

reference_url	https://support.apple.com/HT205729
reference_id
reference_type
scores
url	https://support.apple.com/HT205729

reference_url	https://support.apple.com/HT205731
reference_id
reference_type
scores
url	https://support.apple.com/HT205731

reference_url	https://support.apple.com/HT205732
reference_id
reference_type
scores
url	https://support.apple.com/HT205732

reference_url	https://support.apple.com/HT206168
reference_id
reference_type
scores
url	https://support.apple.com/HT206168

reference_url	http://www.debian.org/security/2016/dsa-3605
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3605

reference_url	http://www.openwall.com/lists/oss-security/2015/10/27/10
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2015/10/27/10

reference_url	http://www.openwall.com/lists/oss-security/2015/10/28/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2015/10/28/4

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

reference_url	http://www.securityfocus.com/bid/77325
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/77325

reference_url	http://www.securitytracker.com/id/1034736
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034736

reference_url	http://www.securitytracker.com/id/1038623
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1038623

reference_url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.386546
reference_id
reference_type
scores
url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.386546

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1257962
reference_id	1257962
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1257962

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802971
reference_id	802971
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802971

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::
reference_id	cpe:2.3:a:xmlsoft:libxslt::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
reference_id	cpe:2.3:o:apple:iphone_os::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
reference_id	cpe:2.3:o:apple:tvos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
reference_id	cpe:2.3:o:apple:watchos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::

reference_url

reference_id

CVE-2015-7995

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url