Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/104701?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/104701?format=api", "purl": "pkg:deb/debian/libxslt@1.1.29-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "libxslt", "version": "1.1.29-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.1.29-2", "latest_non_vulnerable_version": "1.1.43-0.3", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78034?format=api", "vulnerability_id": "VCID-1gsj-a6gq-83ga", "summary": "libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, and CVE-2016-4612.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4609.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4609.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0559", "scoring_system": "epss", "scoring_elements": "0.90466", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0559", "scoring_system": "epss", "scoring_elements": "0.90481", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0559", "scoring_system": "epss", "scoring_elements": "0.90482", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0559", "scoring_system": "epss", "scoring_elements": "0.90478", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4609" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714979", "reference_id": "1714979", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714979" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/104701?format=api", "purl": "pkg:deb/debian/libxslt@1.1.29-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104690?format=api", "purl": "pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104688?format=api", "purl": "pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104692?format=api", "purl": "pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104691?format=api", "purl": "pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9q7z-rwe8-zydg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-4609" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1gsj-a6gq-83ga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78035?format=api", "vulnerability_id": "VCID-5kc1-z3et-eud8", "summary": "libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4610.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4610.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4610", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0559", "scoring_system": "epss", "scoring_elements": "0.90466", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0559", "scoring_system": "epss", "scoring_elements": "0.90481", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0559", "scoring_system": "epss", "scoring_elements": "0.90482", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0559", "scoring_system": "epss", "scoring_elements": "0.90478", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4610" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716448", "reference_id": "1716448", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716448" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/104701?format=api", "purl": "pkg:deb/debian/libxslt@1.1.29-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104690?format=api", "purl": "pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104688?format=api", "purl": "pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104692?format=api", "purl": "pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104691?format=api", "purl": "pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9q7z-rwe8-zydg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-4610" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5kc1-z3et-eud8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38133?format=api", "vulnerability_id": "VCID-7q6s-p2vg-3ugp", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nnokogiri mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.", "references": [ { "reference_url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1683.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1683.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1683", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.77209", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.77241", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.7725", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00989", "scoring_system": "epss", "scoring_elements": "0.7724", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1683" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1683", "reference_id": "CVE-2016-1683", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1683" }, { "reference_url": "https://security.gentoo.org/glsa/201607-07", "reference_id": "GLSA-201607-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1190", "reference_id": "RHSA-2016:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1190" }, { "reference_url": "https://usn.ubuntu.com/2992-1/", "reference_id": "USN-2992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2992-1/" }, { "reference_url": "https://usn.ubuntu.com/3271-1/", "reference_id": "USN-3271-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3271-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/104701?format=api", "purl": "pkg:deb/debian/libxslt@1.1.29-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104690?format=api", "purl": "pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104688?format=api", "purl": "pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104692?format=api", "purl": "pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104691?format=api", "purl": "pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9q7z-rwe8-zydg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1683" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7q6s-p2vg-3ugp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78033?format=api", "vulnerability_id": "VCID-gxb8-phyp-vban", "summary": "libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4608.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4608.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4608", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04106", "scoring_system": "epss", "scoring_elements": "0.88797", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04106", "scoring_system": "epss", "scoring_elements": "0.88814", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.04106", "scoring_system": "epss", "scoring_elements": "0.88812", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4608" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716454", "reference_id": "1716454", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716454" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/104701?format=api", "purl": "pkg:deb/debian/libxslt@1.1.29-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104690?format=api", "purl": "pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104688?format=api", "purl": "pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104692?format=api", "purl": "pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104691?format=api", "purl": "pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9q7z-rwe8-zydg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-4608" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gxb8-phyp-vban" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78031?format=api", "vulnerability_id": "VCID-mgq5-9ve4-9kgb", "summary": "numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1684.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1684.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1684", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00866", "scoring_system": "epss", "scoring_elements": "0.75478", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00866", "scoring_system": "epss", "scoring_elements": "0.75507", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00866", "scoring_system": "epss", "scoring_elements": "0.75511", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00866", "scoring_system": "epss", "scoring_elements": "0.75501", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340017", "reference_id": "1340017", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340017" }, { "reference_url": "https://security.gentoo.org/glsa/201607-07", "reference_id": "GLSA-201607-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1190", "reference_id": "RHSA-2016:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1190" }, { "reference_url": "https://usn.ubuntu.com/2992-1/", "reference_id": "USN-2992-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2992-1/" }, { "reference_url": "https://usn.ubuntu.com/3271-1/", "reference_id": "USN-3271-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3271-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/104701?format=api", "purl": "pkg:deb/debian/libxslt@1.1.29-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104690?format=api", "purl": "pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104688?format=api", "purl": "pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104692?format=api", "purl": "pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104691?format=api", "purl": "pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9q7z-rwe8-zydg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1684" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mgq5-9ve4-9kgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78032?format=api", "vulnerability_id": "VCID-zffq-an1r-ckf3", "summary": "libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1841.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1841.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1841", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82507", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82535", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82534", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01678", "scoring_system": "epss", "scoring_elements": "0.82532", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1841", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1841" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1393780", "reference_id": "1393780", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1393780" }, { "reference_url": "https://usn.ubuntu.com/3271-1/", "reference_id": "USN-3271-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3271-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/104701?format=api", "purl": "pkg:deb/debian/libxslt@1.1.29-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104690?format=api", "purl": "pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104688?format=api", "purl": "pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104692?format=api", "purl": "pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6f4y-n9m4-vydg" }, { "vulnerability": "VCID-e25f-65vw-ykc2" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/104691?format=api", "purl": "pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9q7z-rwe8-zydg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1841" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zffq-an1r-ckf3" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie" }