Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libxslt@1.1.32-2.2~deb10u1
Typedeb
Namespacedebian
Namelibxslt
Version1.1.32-2.2~deb10u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-aauj-xkdy-mbea
vulnerability_id VCID-aauj-xkdy-mbea
summary libxslt: Type confusion in xmlNode.psvi between stylesheet and source nodes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7424.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7424.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-7424
reference_id
reference_type
scores
0
value 0.00088
scoring_system epss
scoring_elements 0.25066
published_at 2026-04-24T12:55:00Z
1
value 0.00088
scoring_system epss
scoring_elements 0.25125
published_at 2026-04-21T12:55:00Z
2
value 0.00088
scoring_system epss
scoring_elements 0.25157
published_at 2026-04-18T12:55:00Z
3
value 0.00088
scoring_system epss
scoring_elements 0.25167
published_at 2026-04-16T12:55:00Z
4
value 0.00089
scoring_system epss
scoring_elements 0.25205
published_at 2026-04-26T12:55:00Z
5
value 0.00096
scoring_system epss
scoring_elements 0.26665
published_at 2026-04-11T12:55:00Z
6
value 0.00096
scoring_system epss
scoring_elements 0.26542
published_at 2026-04-07T12:55:00Z
7
value 0.00096
scoring_system epss
scoring_elements 0.2661
published_at 2026-04-08T12:55:00Z
8
value 0.00096
scoring_system epss
scoring_elements 0.2666
published_at 2026-04-09T12:55:00Z
9
value 0.00096
scoring_system epss
scoring_elements 0.2662
published_at 2026-04-12T12:55:00Z
10
value 0.00096
scoring_system epss
scoring_elements 0.26562
published_at 2026-04-13T12:55:00Z
11
value 0.00103
scoring_system epss
scoring_elements 0.27858
published_at 2026-04-29T12:55:00Z
12
value 0.00114
scoring_system epss
scoring_elements 0.30199
published_at 2026-04-04T12:55:00Z
13
value 0.00114
scoring_system epss
scoring_elements 0.30152
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-7424
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7424
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7424
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109123
reference_id 1109123
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109123
5
reference_url https://gitlab.gnome.org/GNOME/libxslt/-/issues/139
reference_id 139
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/
url https://gitlab.gnome.org/GNOME/libxslt/-/issues/139
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2379228
reference_id 2379228
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2379228
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
reference_id cpe:/a:redhat:hummingbird:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id cpe:/a:redhat:openshift:4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
15
reference_url https://access.redhat.com/security/cve/CVE-2025-7424
reference_id CVE-2025-7424
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/
url https://access.redhat.com/security/cve/CVE-2025-7424
16
reference_url https://access.redhat.com/errata/RHBA-2025:12345
reference_id RHBA-2025:12345
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/
url https://access.redhat.com/errata/RHBA-2025:12345
17
reference_url https://access.redhat.com/errata/RHSA-2026:11015
reference_id RHSA-2026:11015
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/
url https://access.redhat.com/errata/RHSA-2026:11015
18
reference_url https://usn.ubuntu.com/7945-1/
reference_id USN-7945-1
reference_type
scores
url https://usn.ubuntu.com/7945-1/
fixed_packages
0
url pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3
purl pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gz4b-hjbg-pyfz
1
vulnerability VCID-qpxw-q3mc-xfhz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3
aliases CVE-2025-7424
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aauj-xkdy-mbea
1
url VCID-jaep-1ut3-9qan
vulnerability_id VCID-jaep-1ut3-9qan
summary libxslt: Use-After-Free in libxslt numbers.c
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-24855
reference_id
reference_type
scores
0
value 0.00049
scoring_system epss
scoring_elements 0.15193
published_at 2026-04-18T12:55:00Z
1
value 0.00049
scoring_system epss
scoring_elements 0.15404
published_at 2026-04-02T12:55:00Z
2
value 0.00049
scoring_system epss
scoring_elements 0.15187
published_at 2026-04-16T12:55:00Z
3
value 0.00049
scoring_system epss
scoring_elements 0.15473
published_at 2026-04-04T12:55:00Z
4
value 0.00049
scoring_system epss
scoring_elements 0.15277
published_at 2026-04-07T12:55:00Z
5
value 0.00049
scoring_system epss
scoring_elements 0.15365
published_at 2026-04-08T12:55:00Z
6
value 0.00049
scoring_system epss
scoring_elements 0.15415
published_at 2026-04-09T12:55:00Z
7
value 0.00049
scoring_system epss
scoring_elements 0.15377
published_at 2026-04-11T12:55:00Z
8
value 0.00049
scoring_system epss
scoring_elements 0.15272
published_at 2026-04-13T12:55:00Z
9
value 0.00049
scoring_system epss
scoring_elements 0.15337
published_at 2026-04-12T12:55:00Z
10
value 0.00087
scoring_system epss
scoring_elements 0.24873
published_at 2026-04-29T12:55:00Z
11
value 0.00087
scoring_system epss
scoring_elements 0.2493
published_at 2026-04-24T12:55:00Z
12
value 0.00087
scoring_system epss
scoring_elements 0.24918
published_at 2026-04-26T12:55:00Z
13
value 0.00089
scoring_system epss
scoring_elements 0.25296
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-24855
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566
reference_id 1100566
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2352483
reference_id 2352483
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2352483
6
reference_url https://access.redhat.com/errata/RHSA-2025:3107
reference_id RHSA-2025:3107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3107
7
reference_url https://access.redhat.com/errata/RHSA-2025:3389
reference_id RHSA-2025:3389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3389
8
reference_url https://access.redhat.com/errata/RHSA-2025:3528
reference_id RHSA-2025:3528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3528
9
reference_url https://access.redhat.com/errata/RHSA-2025:3615
reference_id RHSA-2025:3615
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3615
10
reference_url https://access.redhat.com/errata/RHSA-2025:3619
reference_id RHSA-2025:3619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3619
11
reference_url https://access.redhat.com/errata/RHSA-2025:3624
reference_id RHSA-2025:3624
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3624
12
reference_url https://access.redhat.com/errata/RHSA-2025:3625
reference_id RHSA-2025:3625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3625
13
reference_url https://access.redhat.com/errata/RHSA-2025:3626
reference_id RHSA-2025:3626
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3626
14
reference_url https://access.redhat.com/errata/RHSA-2025:3627
reference_id RHSA-2025:3627
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3627
15
reference_url https://access.redhat.com/errata/RHSA-2025:4098
reference_id RHSA-2025:4098
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4098
16
reference_url https://access.redhat.com/errata/RHSA-2025:4422
reference_id RHSA-2025:4422
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4422
17
reference_url https://access.redhat.com/errata/RHSA-2025:4427
reference_id RHSA-2025:4427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4427
18
reference_url https://access.redhat.com/errata/RHSA-2025:4431
reference_id RHSA-2025:4431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4431
19
reference_url https://access.redhat.com/errata/RHSA-2025:4677
reference_id RHSA-2025:4677
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4677
20
reference_url https://access.redhat.com/errata/RHSA-2025:4731
reference_id RHSA-2025:4731
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4731
21
reference_url https://access.redhat.com/errata/RHSA-2025:7496
reference_id RHSA-2025:7496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7496
22
reference_url https://access.redhat.com/errata/RHSA-2025:7702
reference_id RHSA-2025:7702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7702
23
reference_url https://access.redhat.com/errata/RHSA-2025:8303
reference_id RHSA-2025:8303
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8303
24
reference_url https://usn.ubuntu.com/7361-1/
reference_id USN-7361-1
reference_type
scores
url https://usn.ubuntu.com/7361-1/
25
reference_url https://usn.ubuntu.com/7787-1/
reference_id USN-7787-1
reference_type
scores
url https://usn.ubuntu.com/7787-1/
fixed_packages
0
url pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3
purl pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gz4b-hjbg-pyfz
1
vulnerability VCID-qpxw-q3mc-xfhz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3
aliases CVE-2025-24855
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jaep-1ut3-9qan
2
url VCID-nxyn-eknv-tqbf
vulnerability_id VCID-nxyn-eknv-tqbf
summary 
Use After Free
Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-30560
reference_id
reference_type
scores
0
value 0.00084
scoring_system epss
scoring_elements 0.24409
published_at 2026-04-07T12:55:00Z
1
value 0.00084
scoring_system epss
scoring_elements 0.24252
published_at 2026-04-29T12:55:00Z
2
value 0.00084
scoring_system epss
scoring_elements 0.24291
published_at 2026-04-26T12:55:00Z
3
value 0.00084
scoring_system epss
scoring_elements 0.24597
published_at 2026-04-02T12:55:00Z
4
value 0.00084
scoring_system epss
scoring_elements 0.24306
published_at 2026-04-24T12:55:00Z
5
value 0.00084
scoring_system epss
scoring_elements 0.24421
published_at 2026-04-21T12:55:00Z
6
value 0.00084
scoring_system epss
scoring_elements 0.24446
published_at 2026-04-18T12:55:00Z
7
value 0.00084
scoring_system epss
scoring_elements 0.24493
published_at 2026-04-12T12:55:00Z
8
value 0.00084
scoring_system epss
scoring_elements 0.24537
published_at 2026-04-11T12:55:00Z
9
value 0.00084
scoring_system epss
scoring_elements 0.24522
published_at 2026-04-09T12:55:00Z
10
value 0.00084
scoring_system epss
scoring_elements 0.24478
published_at 2026-04-08T12:55:00Z
11
value 0.00084
scoring_system epss
scoring_elements 0.24634
published_at 2026-04-04T12:55:00Z
12
value 0.00084
scoring_system epss
scoring_elements 0.24479
published_at 2026-04-01T12:55:00Z
13
value 0.00084
scoring_system epss
scoring_elements 0.24451
published_at 2026-04-16T12:55:00Z
14
value 0.00084
scoring_system epss
scoring_elements 0.24436
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-30560
1
reference_url https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html
2
reference_url https://crbug.com/1219209
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://crbug.com/1219209
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-30560.yml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-30560.yml
6
reference_url https://github.com/sparklemotion/nokogiri
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri
7
reference_url https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2
8
reference_url https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html
9
reference_url https://www.debian.org/security/2022/dsa-5216
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2022/dsa-5216
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079
reference_id 990079
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079
11
reference_url https://security.archlinux.org/ASA-202107-30
reference_id ASA-202107-30
reference_type
scores
url https://security.archlinux.org/ASA-202107-30
12
reference_url https://security.archlinux.org/ASA-202107-31
reference_id ASA-202107-31
reference_type
scores
url https://security.archlinux.org/ASA-202107-31
13
reference_url https://security.archlinux.org/AVG-2166
reference_id AVG-2166
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2166
14
reference_url https://security.archlinux.org/AVG-2167
reference_id AVG-2167
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2167
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-30560
reference_id CVE-2021-30560
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-30560
16
reference_url https://github.com/advisories/GHSA-59gp-qqm7-cw4j
reference_id GHSA-59gp-qqm7-cw4j
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-59gp-qqm7-cw4j
17
reference_url https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2
reference_id GHSA-fq42-c5rg-92c2
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2
18
reference_url https://security.gentoo.org/glsa/202107-49
reference_id GLSA-202107-49
reference_type
scores
url https://security.gentoo.org/glsa/202107-49
19
reference_url https://security.gentoo.org/glsa/202310-23
reference_id GLSA-202310-23
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202310-23
20
reference_url https://usn.ubuntu.com/5575-1/
reference_id USN-5575-1
reference_type
scores
url https://usn.ubuntu.com/5575-1/
21
reference_url https://usn.ubuntu.com/5575-2/
reference_id USN-5575-2
reference_type
scores
url https://usn.ubuntu.com/5575-2/
fixed_packages
0
url pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1
purl pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-aauj-xkdy-mbea
1
vulnerability VCID-gz4b-hjbg-pyfz
2
vulnerability VCID-jaep-1ut3-9qan
3
vulnerability VCID-qpxw-q3mc-xfhz
4
vulnerability VCID-wdxa-4bjj-7fe5
5
vulnerability VCID-z7hh-qpzy-c7b2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1
aliases CVE-2021-30560, GHSA-59gp-qqm7-cw4j
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nxyn-eknv-tqbf
3
url VCID-sxp3-vtcq-pugw
vulnerability_id VCID-sxp3-vtcq-pugw
summary 
Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.

Nokogiri prior to version 1.10.5 contains a vulnerable version of libxslt. Nokogiri version 1.10.5 upgrades the dependency to libxslt 1.1.34, which contains a patch for this issue.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html
4
reference_url https://access.redhat.com/errata/RHSA-2020:0514
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2020:0514
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18197.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18197.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18197
reference_id
reference_type
scores
0
value 0.04534
scoring_system epss
scoring_elements 0.89206
published_at 2026-04-29T12:55:00Z
1
value 0.04534
scoring_system epss
scoring_elements 0.89118
published_at 2026-04-01T12:55:00Z
2
value 0.04534
scoring_system epss
scoring_elements 0.89126
published_at 2026-04-02T12:55:00Z
3
value 0.04534
scoring_system epss
scoring_elements 0.89141
published_at 2026-04-04T12:55:00Z
4
value 0.04534
scoring_system epss
scoring_elements 0.89143
published_at 2026-04-07T12:55:00Z
5
value 0.04534
scoring_system epss
scoring_elements 0.89161
published_at 2026-04-08T12:55:00Z
6
value 0.04534
scoring_system epss
scoring_elements 0.89167
published_at 2026-04-09T12:55:00Z
7
value 0.04534
scoring_system epss
scoring_elements 0.89177
published_at 2026-04-11T12:55:00Z
8
value 0.04534
scoring_system epss
scoring_elements 0.89173
published_at 2026-04-12T12:55:00Z
9
value 0.04534
scoring_system epss
scoring_elements 0.89171
published_at 2026-04-13T12:55:00Z
10
value 0.04534
scoring_system epss
scoring_elements 0.89184
published_at 2026-04-16T12:55:00Z
11
value 0.04534
scoring_system epss
scoring_elements 0.89183
published_at 2026-04-18T12:55:00Z
12
value 0.04534
scoring_system epss
scoring_elements 0.89179
published_at 2026-04-21T12:55:00Z
13
value 0.04534
scoring_system epss
scoring_elements 0.89196
published_at 2026-04-24T12:55:00Z
14
value 0.04534
scoring_system epss
scoring_elements 0.89202
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18197
7
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15746
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15746
8
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15768
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15768
9
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15914
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15914
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18197
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18197
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-18197.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-18197.yml
13
reference_url https://github.com/sparklemotion/nokogiri
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri
14
reference_url https://github.com/sparklemotion/nokogiri/blob/01ab95f3e37429ed8d3b380a8d2f73902eb325d9/CHANGELOG.md?plain=1#L934
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/blob/01ab95f3e37429ed8d3b380a8d2f73902eb325d9/CHANGELOG.md?plain=1#L934
15
reference_url https://github.com/sparklemotion/nokogiri/issues/1943
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/1943
16
reference_url https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285
17
reference_url https://lists.debian.org/debian-lts-announce/2019/10/msg00037.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/10/msg00037.html
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18197
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-18197
19
reference_url https://security.netapp.com/advisory/ntap-20191031-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20191031-0004
20
reference_url https://security.netapp.com/advisory/ntap-20191031-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20191031-0004/
21
reference_url https://security.netapp.com/advisory/ntap-20200416-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200416-0004
22
reference_url https://security.netapp.com/advisory/ntap-20200416-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200416-0004/
23
reference_url https://usn.ubuntu.com/4164-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4164-1
24
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2020.html
25
reference_url http://www.openwall.com/lists/oss-security/2019/11/17/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/11/17/2
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1770768
reference_id 1770768
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1770768
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942646
reference_id 942646
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942646
28
reference_url https://security.archlinux.org/ASA-202002-3
reference_id ASA-202002-3
reference_type
scores
url https://security.archlinux.org/ASA-202002-3
29
reference_url https://security.archlinux.org/AVG-1092
reference_id AVG-1092
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1092
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.33:*:*:*:*:*:*:*
reference_id cpe:2.3:a:xmlsoft:libxslt:1.1.33:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.33:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
reference_id cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
39
reference_url https://github.com/advisories/GHSA-242x-7cm6-4w8j
reference_id GHSA-242x-7cm6-4w8j
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-242x-7cm6-4w8j
40
reference_url https://access.redhat.com/errata/RHSA-2020:4005
reference_id RHSA-2020:4005
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4005
41
reference_url https://access.redhat.com/errata/RHSA-2020:4464
reference_id RHSA-2020:4464
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4464
42
reference_url https://usn.ubuntu.com/4164-1/
reference_id USN-4164-1
reference_type
scores
url https://usn.ubuntu.com/4164-1/
fixed_packages
0
url pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1
purl pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-aauj-xkdy-mbea
1
vulnerability VCID-gz4b-hjbg-pyfz
2
vulnerability VCID-jaep-1ut3-9qan
3
vulnerability VCID-qpxw-q3mc-xfhz
4
vulnerability VCID-wdxa-4bjj-7fe5
5
vulnerability VCID-z7hh-qpzy-c7b2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1
aliases CVE-2019-18197, GHSA-242x-7cm6-4w8j
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sxp3-vtcq-pugw
4
url VCID-wdxa-4bjj-7fe5
vulnerability_id VCID-wdxa-4bjj-7fe5
summary libxslt: Processing web content may disclose sensitive information
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40403.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40403.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-40403
reference_id
reference_type
scores
0
value 0.00108
scoring_system epss
scoring_elements 0.29186
published_at 2026-04-04T12:55:00Z
1
value 0.00108
scoring_system epss
scoring_elements 0.28996
published_at 2026-04-07T12:55:00Z
2
value 0.00118
scoring_system epss
scoring_elements 0.30416
published_at 2026-04-24T12:55:00Z
3
value 0.00118
scoring_system epss
scoring_elements 0.30597
published_at 2026-04-21T12:55:00Z
4
value 0.00118
scoring_system epss
scoring_elements 0.30708
published_at 2026-04-09T12:55:00Z
5
value 0.00118
scoring_system epss
scoring_elements 0.30676
published_at 2026-04-08T12:55:00Z
6
value 0.00126
scoring_system epss
scoring_elements 0.31935
published_at 2026-04-02T12:55:00Z
7
value 0.00137
scoring_system epss
scoring_elements 0.33181
published_at 2026-04-29T12:55:00Z
8
value 0.00137
scoring_system epss
scoring_elements 0.3353
published_at 2026-04-11T12:55:00Z
9
value 0.00137
scoring_system epss
scoring_elements 0.33489
published_at 2026-04-12T12:55:00Z
10
value 0.00137
scoring_system epss
scoring_elements 0.33465
published_at 2026-04-13T12:55:00Z
11
value 0.00137
scoring_system epss
scoring_elements 0.33501
published_at 2026-04-16T12:55:00Z
12
value 0.00137
scoring_system epss
scoring_elements 0.33476
published_at 2026-04-18T12:55:00Z
13
value 0.00137
scoring_system epss
scoring_elements 0.33262
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-40403
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40403
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40403
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://seclists.org/fulldisclosure/2023/Oct/10
reference_id 10
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url http://seclists.org/fulldisclosure/2023/Oct/10
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108074
reference_id 1108074
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108074
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2349766
reference_id 2349766
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2349766
7
reference_url http://seclists.org/fulldisclosure/2023/Oct/3
reference_id 3
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url http://seclists.org/fulldisclosure/2023/Oct/3
8
reference_url http://seclists.org/fulldisclosure/2023/Oct/4
reference_id 4
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url http://seclists.org/fulldisclosure/2023/Oct/4
9
reference_url http://seclists.org/fulldisclosure/2023/Oct/5
reference_id 5
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url http://seclists.org/fulldisclosure/2023/Oct/5
10
reference_url http://seclists.org/fulldisclosure/2023/Oct/6
reference_id 6
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url http://seclists.org/fulldisclosure/2023/Oct/6
11
reference_url http://seclists.org/fulldisclosure/2023/Oct/8
reference_id 8
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url http://seclists.org/fulldisclosure/2023/Oct/8
12
reference_url http://seclists.org/fulldisclosure/2023/Oct/9
reference_id 9
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url http://seclists.org/fulldisclosure/2023/Oct/9
13
reference_url https://support.apple.com/en-us/HT213927
reference_id HT213927
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url https://support.apple.com/en-us/HT213927
14
reference_url https://support.apple.com/en-us/HT213931
reference_id HT213931
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url https://support.apple.com/en-us/HT213931
15
reference_url https://support.apple.com/en-us/HT213932
reference_id HT213932
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url https://support.apple.com/en-us/HT213932
16
reference_url https://support.apple.com/en-us/HT213936
reference_id HT213936
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url https://support.apple.com/en-us/HT213936
17
reference_url https://support.apple.com/en-us/HT213937
reference_id HT213937
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url https://support.apple.com/en-us/HT213937
18
reference_url https://support.apple.com/en-us/HT213938
reference_id HT213938
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url https://support.apple.com/en-us/HT213938
19
reference_url https://support.apple.com/en-us/HT213940
reference_id HT213940
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/
url https://support.apple.com/en-us/HT213940
20
reference_url https://access.redhat.com/errata/RHSA-2025:8676
reference_id RHSA-2025:8676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8676
21
reference_url https://access.redhat.com/errata/RHSA-2025:9016
reference_id RHSA-2025:9016
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9016
22
reference_url https://access.redhat.com/errata/RHSA-2026:10065
reference_id RHSA-2026:10065
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10065
23
reference_url https://access.redhat.com/errata/RHSA-2026:6266
reference_id RHSA-2026:6266
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6266
24
reference_url https://access.redhat.com/errata/RHSA-2026:6499
reference_id RHSA-2026:6499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6499
25
reference_url https://access.redhat.com/errata/RHSA-2026:7335
reference_id RHSA-2026:7335
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7335
26
reference_url https://access.redhat.com/errata/RHSA-2026:8746
reference_id RHSA-2026:8746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8746
27
reference_url https://access.redhat.com/errata/RHSA-2026:8747
reference_id RHSA-2026:8747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8747
28
reference_url https://access.redhat.com/errata/RHSA-2026:8748
reference_id RHSA-2026:8748
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8748
29
reference_url https://usn.ubuntu.com/7600-1/
reference_id USN-7600-1
reference_type
scores
url https://usn.ubuntu.com/7600-1/
fixed_packages
0
url pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3
purl pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gz4b-hjbg-pyfz
1
vulnerability VCID-qpxw-q3mc-xfhz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3
aliases CVE-2023-40403
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wdxa-4bjj-7fe5
5
url VCID-z7hh-qpzy-c7b2
vulnerability_id VCID-z7hh-qpzy-c7b2
summary libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-55549
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15368
published_at 2026-04-07T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.15455
published_at 2026-04-08T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.15498
published_at 2026-04-02T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.15569
published_at 2026-04-04T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.15886
published_at 2026-04-13T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.15954
published_at 2026-04-12T12:55:00Z
6
value 0.00051
scoring_system epss
scoring_elements 0.15824
published_at 2026-04-18T12:55:00Z
7
value 0.00051
scoring_system epss
scoring_elements 0.15811
published_at 2026-04-16T12:55:00Z
8
value 0.00051
scoring_system epss
scoring_elements 0.16014
published_at 2026-04-09T12:55:00Z
9
value 0.00051
scoring_system epss
scoring_elements 0.15992
published_at 2026-04-11T12:55:00Z
10
value 0.00104
scoring_system epss
scoring_elements 0.27966
published_at 2026-04-29T12:55:00Z
11
value 0.00104
scoring_system epss
scoring_elements 0.28156
published_at 2026-04-24T12:55:00Z
12
value 0.00104
scoring_system epss
scoring_elements 0.28044
published_at 2026-04-26T12:55:00Z
13
value 0.00106
scoring_system epss
scoring_elements 0.28623
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-55549
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565
reference_id 1100565
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2352484
reference_id 2352484
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2352484
6
reference_url https://access.redhat.com/errata/RHSA-2025:3613
reference_id RHSA-2025:3613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3613
7
reference_url https://access.redhat.com/errata/RHSA-2025:3614
reference_id RHSA-2025:3614
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3614
8
reference_url https://access.redhat.com/errata/RHSA-2025:3615
reference_id RHSA-2025:3615
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3615
9
reference_url https://access.redhat.com/errata/RHSA-2025:3619
reference_id RHSA-2025:3619
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3619
10
reference_url https://access.redhat.com/errata/RHSA-2025:3624
reference_id RHSA-2025:3624
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3624
11
reference_url https://access.redhat.com/errata/RHSA-2025:3625
reference_id RHSA-2025:3625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3625
12
reference_url https://access.redhat.com/errata/RHSA-2025:3626
reference_id RHSA-2025:3626
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3626
13
reference_url https://access.redhat.com/errata/RHSA-2025:3627
reference_id RHSA-2025:3627
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3627
14
reference_url https://access.redhat.com/errata/RHSA-2025:4025
reference_id RHSA-2025:4025
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4025
15
reference_url https://access.redhat.com/errata/RHSA-2025:4098
reference_id RHSA-2025:4098
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4098
16
reference_url https://access.redhat.com/errata/RHSA-2025:4422
reference_id RHSA-2025:4422
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4422
17
reference_url https://access.redhat.com/errata/RHSA-2025:4427
reference_id RHSA-2025:4427
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4427
18
reference_url https://access.redhat.com/errata/RHSA-2025:4431
reference_id RHSA-2025:4431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4431
19
reference_url https://access.redhat.com/errata/RHSA-2025:4677
reference_id RHSA-2025:4677
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4677
20
reference_url https://access.redhat.com/errata/RHSA-2025:4731
reference_id RHSA-2025:4731
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4731
21
reference_url https://access.redhat.com/errata/RHSA-2025:7410
reference_id RHSA-2025:7410
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7410
22
reference_url https://access.redhat.com/errata/RHSA-2025:7496
reference_id RHSA-2025:7496
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7496
23
reference_url https://access.redhat.com/errata/RHSA-2025:7702
reference_id RHSA-2025:7702
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7702
24
reference_url https://access.redhat.com/errata/RHSA-2025:8303
reference_id RHSA-2025:8303
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8303
25
reference_url https://usn.ubuntu.com/7357-1/
reference_id USN-7357-1
reference_type
scores
url https://usn.ubuntu.com/7357-1/
26
reference_url https://usn.ubuntu.com/7787-1/
reference_id USN-7787-1
reference_type
scores
url https://usn.ubuntu.com/7787-1/
fixed_packages
0
url pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3
purl pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gz4b-hjbg-pyfz
1
vulnerability VCID-qpxw-q3mc-xfhz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3
aliases CVE-2024-55549
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z7hh-qpzy-c7b2
6
url VCID-zwzs-qztz-wbfj
vulnerability_id VCID-zwzs-qztz-wbfj
summary 
Multiple vulnerabilities have been found in Chromium and Google
    Chrome, the worst of which could allow remote attackers to execute
    arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5815.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5815.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-5815
reference_id
reference_type
scores
0
value 0.00111
scoring_system epss
scoring_elements 0.29204
published_at 2026-04-29T12:55:00Z
1
value 0.00111
scoring_system epss
scoring_elements 0.29269
published_at 2026-04-26T12:55:00Z
2
value 0.00111
scoring_system epss
scoring_elements 0.29384
published_at 2026-04-24T12:55:00Z
3
value 0.00111
scoring_system epss
scoring_elements 0.29497
published_at 2026-04-21T12:55:00Z
4
value 0.00111
scoring_system epss
scoring_elements 0.29723
published_at 2026-04-04T12:55:00Z
5
value 0.00111
scoring_system epss
scoring_elements 0.29606
published_at 2026-04-08T12:55:00Z
6
value 0.00111
scoring_system epss
scoring_elements 0.29643
published_at 2026-04-09T12:55:00Z
7
value 0.00111
scoring_system epss
scoring_elements 0.29673
published_at 2026-04-02T12:55:00Z
8
value 0.00111
scoring_system epss
scoring_elements 0.29543
published_at 2026-04-07T12:55:00Z
9
value 0.00111
scoring_system epss
scoring_elements 0.29542
published_at 2026-04-18T12:55:00Z
10
value 0.00111
scoring_system epss
scoring_elements 0.29568
published_at 2026-04-16T12:55:00Z
11
value 0.00111
scoring_system epss
scoring_elements 0.29549
published_at 2026-04-13T12:55:00Z
12
value 0.00111
scoring_system epss
scoring_elements 0.29601
published_at 2026-04-12T12:55:00Z
13
value 0.00111
scoring_system epss
scoring_elements 0.29646
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-5815
2
reference_url https://bugs.chromium.org/p/chromium/issues/detail?id=930663
reference_id
reference_type
scores
url https://bugs.chromium.org/p/chromium/issues/detail?id=930663
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13698
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13698
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830
27
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831
28
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833
30
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834
31
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836
32
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837
33
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839
35
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840
36
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5841
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5841
37
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842
38
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5843
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5843
39
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847
40
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848
41
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849
42
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850
43
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851
44
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852
45
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853
46
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854
47
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855
48
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856
49
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857
50
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858
51
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859
52
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860
53
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861
54
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862
55
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864
56
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865
57
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867
58
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868
59
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6503
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6503
60
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6504
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6504
61
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-5815.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-5815.yml
62
reference_url https://github.com/sparklemotion/nokogiri
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri
63
reference_url https://github.com/sparklemotion/nokogiri/issues/2630
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/2630
64
reference_url https://gitlab.gnome.org/GNOME/libxslt/commit/08b62c25871b38d5d573515ca8a065b4b8f64f6b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://gitlab.gnome.org/GNOME/libxslt/commit/08b62c25871b38d5d573515ca8a065b4b8f64f6b
65
reference_url https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html
66
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-5815
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-5815
67
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1702905
reference_id 1702905
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1702905
68
reference_url https://security.archlinux.org/ASA-201904-12
reference_id ASA-201904-12
reference_type
scores
url https://security.archlinux.org/ASA-201904-12
69
reference_url https://security.archlinux.org/AVG-952
reference_id AVG-952
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-952
70
reference_url https://github.com/advisories/GHSA-vmfx-gcfq-wvm2
reference_id GHSA-vmfx-gcfq-wvm2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vmfx-gcfq-wvm2
71
reference_url https://security.gentoo.org/glsa/201908-18
reference_id GLSA-201908-18
reference_type
scores
url https://security.gentoo.org/glsa/201908-18
72
reference_url https://access.redhat.com/errata/RHSA-2019:1021
reference_id RHSA-2019:1021
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1021
73
reference_url https://usn.ubuntu.com/5575-1/
reference_id USN-5575-1
reference_type
scores
url https://usn.ubuntu.com/5575-1/
74
reference_url https://usn.ubuntu.com/5575-2/
reference_id USN-5575-2
reference_type
scores
url https://usn.ubuntu.com/5575-2/
fixed_packages
0
url pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1
purl pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-aauj-xkdy-mbea
1
vulnerability VCID-gz4b-hjbg-pyfz
2
vulnerability VCID-jaep-1ut3-9qan
3
vulnerability VCID-qpxw-q3mc-xfhz
4
vulnerability VCID-wdxa-4bjj-7fe5
5
vulnerability VCID-z7hh-qpzy-c7b2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1
aliases CVE-2019-5815, GHSA-vmfx-gcfq-wvm2
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zwzs-qztz-wbfj
Fixing_vulnerabilities
0
url VCID-96v6-vs1m-skf3
vulnerability_id VCID-96v6-vs1m-skf3
summary 
Improper Input Validation
In `numbers.c` in libxslt, which is used by nokogiri, a type holding grouping characters of an `xsl:number` instruction was too narrow and an invalid character/length combination could be passed to `xsltNumberFormatDecimal`, leading to a read of uninitialized stack data.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13118.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13118.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-13118
reference_id
reference_type
scores
0
value 0.01008
scoring_system epss
scoring_elements 0.77101
published_at 2026-04-16T12:55:00Z
1
value 0.01008
scoring_system epss
scoring_elements 0.77149
published_at 2026-04-29T12:55:00Z
2
value 0.01008
scoring_system epss
scoring_elements 0.77135
published_at 2026-04-26T12:55:00Z
3
value 0.01008
scoring_system epss
scoring_elements 0.77128
published_at 2026-04-24T12:55:00Z
4
value 0.01008
scoring_system epss
scoring_elements 0.77093
published_at 2026-04-21T12:55:00Z
5
value 0.01008
scoring_system epss
scoring_elements 0.77103
published_at 2026-04-18T12:55:00Z
6
value 0.01027
scoring_system epss
scoring_elements 0.77276
published_at 2026-04-08T12:55:00Z
7
value 0.01027
scoring_system epss
scoring_elements 0.77228
published_at 2026-04-01T12:55:00Z
8
value 0.01027
scoring_system epss
scoring_elements 0.77235
published_at 2026-04-02T12:55:00Z
9
value 0.01027
scoring_system epss
scoring_elements 0.77263
published_at 2026-04-04T12:55:00Z
10
value 0.01027
scoring_system epss
scoring_elements 0.77245
published_at 2026-04-07T12:55:00Z
11
value 0.01027
scoring_system epss
scoring_elements 0.77289
published_at 2026-04-13T12:55:00Z
12
value 0.01027
scoring_system epss
scoring_elements 0.77292
published_at 2026-04-12T12:55:00Z
13
value 0.01027
scoring_system epss
scoring_elements 0.77313
published_at 2026-04-11T12:55:00Z
14
value 0.01027
scoring_system epss
scoring_elements 0.77285
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-13118
3
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13118
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13118
5
reference_url http://seclists.org/fulldisclosure/2019/Aug/11
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Aug/11
6
reference_url http://seclists.org/fulldisclosure/2019/Aug/13
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Aug/13
7
reference_url http://seclists.org/fulldisclosure/2019/Aug/14
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Aug/14
8
reference_url http://seclists.org/fulldisclosure/2019/Aug/15
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Aug/15
9
reference_url http://seclists.org/fulldisclosure/2019/Jul/22
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Jul/22
10
reference_url http://seclists.org/fulldisclosure/2019/Jul/23
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Jul/23
11
reference_url http://seclists.org/fulldisclosure/2019/Jul/24
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Jul/24
12
reference_url http://seclists.org/fulldisclosure/2019/Jul/26
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Jul/26
13
reference_url http://seclists.org/fulldisclosure/2019/Jul/31
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Jul/31
14
reference_url http://seclists.org/fulldisclosure/2019/Jul/37
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Jul/37
15
reference_url http://seclists.org/fulldisclosure/2019/Jul/38
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2019/Jul/38
16
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
17
reference_url https://github.com/sparklemotion/nokogiri/blob/f7aa3b0b29d6fe5fafe93dacd9b96b6b3d16b7ec/CHANGELOG.md?plain=1#L796
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/blob/f7aa3b0b29d6fe5fafe93dacd9b96b6b3d16b7ec/CHANGELOG.md?plain=1#L796
18
reference_url https://github.com/sparklemotion/nokogiri/commit/43a175339b47b8c604508813fc75b83f13cd173e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/commit/43a175339b47b8c604508813fc75b83f13cd173e
19
reference_url https://github.com/sparklemotion/nokogiri/issues/1943
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/1943
20
reference_url https://github.com/sparklemotion/nokogiri/releases/tag/v1.10.5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/releases/tag/v1.10.5
21
reference_url https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b
22
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
24
reference_url https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/
27
reference_url https://oss-fuzz.com/testcase-detail/5197371471822848
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://oss-fuzz.com/testcase-detail/5197371471822848
28
reference_url https://seclists.org/bugtraq/2019/Aug/21
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/21
29
reference_url https://seclists.org/bugtraq/2019/Aug/22
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/22
30
reference_url https://seclists.org/bugtraq/2019/Aug/23
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/23
31
reference_url https://seclists.org/bugtraq/2019/Aug/25
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Aug/25
32
reference_url https://seclists.org/bugtraq/2019/Jul/35
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Jul/35
33
reference_url https://seclists.org/bugtraq/2019/Jul/36
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Jul/36
34
reference_url https://seclists.org/bugtraq/2019/Jul/37
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Jul/37
35
reference_url https://seclists.org/bugtraq/2019/Jul/40
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Jul/40
36
reference_url https://seclists.org/bugtraq/2019/Jul/41
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Jul/41
37
reference_url https://seclists.org/bugtraq/2019/Jul/42
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Jul/42
38
reference_url https://security.netapp.com/advisory/ntap-20190806-0004
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190806-0004
39
reference_url https://security.netapp.com/advisory/ntap-20190806-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190806-0004/
40
reference_url https://security.netapp.com/advisory/ntap-20200122-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200122-0003
41
reference_url https://security.netapp.com/advisory/ntap-20200122-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200122-0003/
42
reference_url https://support.apple.com/kb/HT210346
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT210346
43
reference_url https://support.apple.com/kb/HT210348
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT210348
44
reference_url https://support.apple.com/kb/HT210351
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT210351
45
reference_url https://support.apple.com/kb/HT210353
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT210353
46
reference_url https://support.apple.com/kb/HT210356
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT210356
47
reference_url https://support.apple.com/kb/HT210357
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT210357
48
reference_url https://support.apple.com/kb/HT210358
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT210358
49
reference_url https://usn.ubuntu.com/4164-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4164-1
50
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2020.html
51
reference_url http://www.openwall.com/lists/oss-security/2019/11/17/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/11/17/2
52
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1728541
reference_id 1728541
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1728541
53
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931320
reference_id 931320
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931320
54
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-13118
reference_id CVE-2019-13118
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-13118
55
reference_url https://github.com/advisories/GHSA-cf46-6xxh-pc75
reference_id GHSA-cf46-6xxh-pc75
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cf46-6xxh-pc75
56
reference_url https://usn.ubuntu.com/4164-1/
reference_id USN-4164-1
reference_type
scores
url https://usn.ubuntu.com/4164-1/
fixed_packages
0
url pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1
purl pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-aauj-xkdy-mbea
1
vulnerability VCID-jaep-1ut3-9qan
2
vulnerability VCID-nxyn-eknv-tqbf
3
vulnerability VCID-sxp3-vtcq-pugw
4
vulnerability VCID-wdxa-4bjj-7fe5
5
vulnerability VCID-z7hh-qpzy-c7b2
6
vulnerability VCID-zwzs-qztz-wbfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1
aliases CVE-2019-13118, GHSA-cf46-6xxh-pc75
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96v6-vs1m-skf3
1
url VCID-tdt5-asvh-ryaa
vulnerability_id VCID-tdt5-asvh-ryaa
summary 
Bypass of a protection mechanism in libxslt
The libxslt binary, which is included in nokogiri, allows bypass of a protection mechanism because callers of `xsltCheckRead` and `xsltCheckWrite` permit access even upon receiving a -1 error code. `xsltCheckRead` can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00048.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00048.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00052.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00052.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00053.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00053.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11068.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11068.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11068
reference_id
reference_type
scores
0
value 0.01127
scoring_system epss
scoring_elements 0.78277
published_at 2026-04-04T12:55:00Z
1
value 0.01127
scoring_system epss
scoring_elements 0.78374
published_at 2026-04-29T12:55:00Z
2
value 0.01127
scoring_system epss
scoring_elements 0.78358
published_at 2026-04-26T12:55:00Z
3
value 0.01127
scoring_system epss
scoring_elements 0.78351
published_at 2026-04-24T12:55:00Z
4
value 0.01127
scoring_system epss
scoring_elements 0.78319
published_at 2026-04-21T12:55:00Z
5
value 0.01127
scoring_system epss
scoring_elements 0.78323
published_at 2026-04-18T12:55:00Z
6
value 0.01127
scoring_system epss
scoring_elements 0.78324
published_at 2026-04-16T12:55:00Z
7
value 0.01127
scoring_system epss
scoring_elements 0.78295
published_at 2026-04-13T12:55:00Z
8
value 0.01127
scoring_system epss
scoring_elements 0.783
published_at 2026-04-12T12:55:00Z
9
value 0.01127
scoring_system epss
scoring_elements 0.78317
published_at 2026-04-11T12:55:00Z
10
value 0.01127
scoring_system epss
scoring_elements 0.78291
published_at 2026-04-09T12:55:00Z
11
value 0.01127
scoring_system epss
scoring_elements 0.78285
published_at 2026-04-08T12:55:00Z
12
value 0.01127
scoring_system epss
scoring_elements 0.78259
published_at 2026-04-07T12:55:00Z
13
value 0.01127
scoring_system epss
scoring_elements 0.78246
published_at 2026-04-02T12:55:00Z
14
value 0.01127
scoring_system epss
scoring_elements 0.78238
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11068
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11068
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11068
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-11068.yml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-11068.yml
10
reference_url https://github.com/sparklemotion/nokogiri/blob/f7aa3b0b29d6fe5fafe93dacd9b96b6b3d16b7ec/CHANGELOG.md?plain=1#L826
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/blob/f7aa3b0b29d6fe5fafe93dacd9b96b6b3d16b7ec/CHANGELOG.md?plain=1#L826
11
reference_url https://github.com/sparklemotion/nokogiri/commit/fe034aedcc59b566740567d621843731686676b9
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/commit/fe034aedcc59b566740567d621843731686676b9
12
reference_url https://github.com/sparklemotion/nokogiri/issues/1892
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/1892
13
reference_url https://github.com/sparklemotion/nokogiri/pull/1898
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/pull/1898
14
reference_url https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
15
reference_url https://lists.debian.org/debian-lts-announce/2019/04/msg00016.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/04/msg00016.html
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU/
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/
25
reference_url https://security.netapp.com/advisory/ntap-20191017-0001
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20191017-0001
26
reference_url https://security.netapp.com/advisory/ntap-20191017-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20191017-0001/
27
reference_url https://usn.ubuntu.com/3947-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3947-1
28
reference_url https://usn.ubuntu.com/3947-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3947-1/
29
reference_url https://usn.ubuntu.com/3947-2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3947-2
30
reference_url https://usn.ubuntu.com/3947-2/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3947-2/
31
reference_url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
32
reference_url http://www.openwall.com/lists/oss-security/2019/04/22/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/04/22/1
33
reference_url http://www.openwall.com/lists/oss-security/2019/04/23/5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/04/23/5
34
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1709697
reference_id 1709697
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1709697
35
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926895
reference_id 926895
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926895
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
reference_id cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
reference_id cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*
reference_id cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:oracle:*:*
reference_id cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:oracle:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:oracle:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
reference_id cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:8.0:update_221:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:jdk:8.0:update_221:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:8.0:update_221:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
65
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
66
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*
67
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11068
reference_id CVE-2019-11068
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-11068
68
reference_url https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11068
reference_id CVE-2019-11068
reference_type
scores
url https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11068
69
reference_url https://security-tracker.debian.org/tracker/CVE-2019-11068
reference_id CVE-2019-11068
reference_type
scores
url https://security-tracker.debian.org/tracker/CVE-2019-11068
70
reference_url https://github.com/advisories/GHSA-qxcg-xjjg-66mj
reference_id GHSA-qxcg-xjjg-66mj
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qxcg-xjjg-66mj
71
reference_url https://access.redhat.com/errata/RHSA-2020:4005
reference_id RHSA-2020:4005
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4005
72
reference_url https://access.redhat.com/errata/RHSA-2020:4464
reference_id RHSA-2020:4464
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4464
fixed_packages
0
url pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1
purl pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-aauj-xkdy-mbea
1
vulnerability VCID-jaep-1ut3-9qan
2
vulnerability VCID-nxyn-eknv-tqbf
3
vulnerability VCID-sxp3-vtcq-pugw
4
vulnerability VCID-wdxa-4bjj-7fe5
5
vulnerability VCID-z7hh-qpzy-c7b2
6
vulnerability VCID-zwzs-qztz-wbfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1
aliases CVE-2019-11068, GHSA-qxcg-xjjg-66mj
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tdt5-asvh-ryaa
2
url VCID-txm2-sdc1-7uch
vulnerability_id VCID-txm2-sdc1-7uch
summary 
Improper Input Validation
In `numbers.c` in libxslt, which is used by nokogiri, an `xsl:number` with certain format strings could lead to an uninitialized read in `xsltNumberFormatInsertNumbers`. This could allow an attacker to discern whether a byte on the stack contains the characters `[AaIi0]`, or any other character.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13117.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13117.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-13117
reference_id
reference_type
scores
0
value 0.04376
scoring_system epss
scoring_elements 0.89009
published_at 2026-04-29T12:55:00Z
1
value 0.04376
scoring_system epss
scoring_elements 0.8899
published_at 2026-04-16T12:55:00Z
2
value 0.04376
scoring_system epss
scoring_elements 0.88988
published_at 2026-04-18T12:55:00Z
3
value 0.04376
scoring_system epss
scoring_elements 0.88984
published_at 2026-04-21T12:55:00Z
4
value 0.04376
scoring_system epss
scoring_elements 0.89001
published_at 2026-04-24T12:55:00Z
5
value 0.04457
scoring_system epss
scoring_elements 0.89072
published_at 2026-04-13T12:55:00Z
6
value 0.04457
scoring_system epss
scoring_elements 0.89019
published_at 2026-04-01T12:55:00Z
7
value 0.04457
scoring_system epss
scoring_elements 0.89027
published_at 2026-04-02T12:55:00Z
8
value 0.04457
scoring_system epss
scoring_elements 0.89043
published_at 2026-04-04T12:55:00Z
9
value 0.04457
scoring_system epss
scoring_elements 0.89044
published_at 2026-04-07T12:55:00Z
10
value 0.04457
scoring_system epss
scoring_elements 0.89062
published_at 2026-04-08T12:55:00Z
11
value 0.04457
scoring_system epss
scoring_elements 0.89066
published_at 2026-04-09T12:55:00Z
12
value 0.04457
scoring_system epss
scoring_elements 0.89078
published_at 2026-04-11T12:55:00Z
13
value 0.04457
scoring_system epss
scoring_elements 0.89074
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-13117
3
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13117
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13117
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-13117.yml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-13117.yml
7
reference_url https://github.com/sparklemotion/nokogiri/issues/1943
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/1943
8
reference_url https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1
9
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
11
reference_url https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/
14
reference_url https://oss-fuzz.com/testcase-detail/5631739747106816
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://oss-fuzz.com/testcase-detail/5631739747106816
15
reference_url https://security.netapp.com/advisory/ntap-20190806-0004
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190806-0004
16
reference_url https://security.netapp.com/advisory/ntap-20190806-0004/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190806-0004/
17
reference_url https://security.netapp.com/advisory/ntap-20200122-0003
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200122-0003
18
reference_url https://security.netapp.com/advisory/ntap-20200122-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20200122-0003/
19
reference_url https://usn.ubuntu.com/4164-1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4164-1
20
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujan2020.html
21
reference_url http://www.openwall.com/lists/oss-security/2019/11/17/2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/11/17/2
22
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1728546
reference_id 1728546
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1728546
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931321
reference_id 931321
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931321
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-13117
reference_id CVE-2019-13117
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-13117
25
reference_url https://github.com/advisories/GHSA-4hm9-844j-jmxp
reference_id GHSA-4hm9-844j-jmxp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4hm9-844j-jmxp
26
reference_url https://usn.ubuntu.com/4164-1/
reference_id USN-4164-1
reference_type
scores
url https://usn.ubuntu.com/4164-1/
fixed_packages
0
url pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1
purl pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-aauj-xkdy-mbea
1
vulnerability VCID-jaep-1ut3-9qan
2
vulnerability VCID-nxyn-eknv-tqbf
3
vulnerability VCID-sxp3-vtcq-pugw
4
vulnerability VCID-wdxa-4bjj-7fe5
5
vulnerability VCID-z7hh-qpzy-c7b2
6
vulnerability VCID-zwzs-qztz-wbfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1
aliases CVE-2019-13117, GHSA-4hm9-844j-jmxp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-txm2-sdc1-7uch
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1