Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/libxml2@2.9.4-r2?arch=x86&distroversion=v3.4&reponame=main
Typeapk
Namespacealpine
Namelibxml2
Version2.9.4-r2
Qualifiers
arch x86
distroversion v3.4
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.9.4-r3
Latest_non_vulnerable_version2.9.5-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-qtp3-a1g7-8kgw
vulnerability_id VCID-qtp3-a1g7-8kgw
summary 
Improper Restriction of XML External Entity Reference
libxml2, as used in XMLSec and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9318.json
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9318.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9318
reference_id
reference_type
scores
0
value 0.00121
scoring_system epss
scoring_elements 0.31036
published_at 2026-04-18T12:55:00Z
1
value 0.00121
scoring_system epss
scoring_elements 0.31068
published_at 2026-04-12T12:55:00Z
2
value 0.00121
scoring_system epss
scoring_elements 0.31023
published_at 2026-04-13T12:55:00Z
3
value 0.00121
scoring_system epss
scoring_elements 0.31055
published_at 2026-04-16T12:55:00Z
4
value 0.00132
scoring_system epss
scoring_elements 0.32722
published_at 2026-04-07T12:55:00Z
5
value 0.00132
scoring_system epss
scoring_elements 0.32769
published_at 2026-04-08T12:55:00Z
6
value 0.00132
scoring_system epss
scoring_elements 0.32901
published_at 2026-04-04T12:55:00Z
7
value 0.00132
scoring_system epss
scoring_elements 0.32735
published_at 2026-04-01T12:55:00Z
8
value 0.00132
scoring_system epss
scoring_elements 0.32866
published_at 2026-04-02T12:55:00Z
9
value 0.00175
scoring_system epss
scoring_elements 0.3896
published_at 2026-04-09T12:55:00Z
10
value 0.00175
scoring_system epss
scoring_elements 0.38972
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9318
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1395609
reference_id 1395609
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1395609
5
reference_url https://github.com/lsh123/xmlsec/issues/43
reference_id 43
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/
url https://github.com/lsh123/xmlsec/issues/43
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844581
reference_id 844581
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844581
7
reference_url http://www.securityfocus.com/bid/94347
reference_id 94347
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/
url http://www.securityfocus.com/bid/94347
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9318
reference_id CVE-2016-9318
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-9318
9
reference_url https://bugzilla.gnome.org/show_bug.cgi?id=772726
reference_id show_bug.cgi?id=772726
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/
url https://bugzilla.gnome.org/show_bug.cgi?id=772726
10
reference_url https://usn.ubuntu.com/3739-2/
reference_id USN-3739-2
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/
url https://usn.ubuntu.com/3739-2/
fixed_packages
0
url pkg:apk/alpine/libxml2@2.9.4-r2?arch=x86&distroversion=v3.4&reponame=main
purl pkg:apk/alpine/libxml2@2.9.4-r2?arch=x86&distroversion=v3.4&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libxml2@2.9.4-r2%3Farch=x86&distroversion=v3.4&reponame=main
aliases CVE-2016-9318
risk_score 3.0
exploitability 0.5
weighted_severity 6.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qtp3-a1g7-8kgw
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/libxml2@2.9.4-r2%3Farch=x86&distroversion=v3.4&reponame=main