Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/libxml2@2.9.1-6.el7_9?arch=6
Typerpm
Namespaceredhat
Namelibxml2
Version2.9.1-6.el7_9
Qualifiers
arch 6
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-ecde-c15q-ukh1
vulnerability_id VCID-ecde-c15q-ukh1
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
xpointer.c in libxml2 (as used in Apple iOS, OS X, tvOS, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.
references
0
reference_url http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html
1
reference_url http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html
2
reference_url http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html
3
reference_url http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4658.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4658.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4658
reference_id
reference_type
scores
0
value 0.17714
scoring_system epss
scoring_elements 0.9513
published_at 2026-04-21T12:55:00Z
1
value 0.17714
scoring_system epss
scoring_elements 0.95096
published_at 2026-04-07T12:55:00Z
2
value 0.17714
scoring_system epss
scoring_elements 0.95103
published_at 2026-04-08T12:55:00Z
3
value 0.17714
scoring_system epss
scoring_elements 0.95107
published_at 2026-04-09T12:55:00Z
4
value 0.17714
scoring_system epss
scoring_elements 0.95113
published_at 2026-04-11T12:55:00Z
5
value 0.17714
scoring_system epss
scoring_elements 0.95115
published_at 2026-04-12T12:55:00Z
6
value 0.17714
scoring_system epss
scoring_elements 0.95117
published_at 2026-04-13T12:55:00Z
7
value 0.17714
scoring_system epss
scoring_elements 0.95125
published_at 2026-04-16T12:55:00Z
8
value 0.17714
scoring_system epss
scoring_elements 0.95128
published_at 2026-04-18T12:55:00Z
9
value 0.18099
scoring_system epss
scoring_elements 0.95143
published_at 2026-04-01T12:55:00Z
10
value 0.18099
scoring_system epss
scoring_elements 0.95156
published_at 2026-04-04T12:55:00Z
11
value 0.18099
scoring_system epss
scoring_elements 0.95154
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4658
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b
10
reference_url https://github.com/sparklemotion/nokogiri/issues/1615
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/1615
11
reference_url https://support.apple.com/HT207141
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://support.apple.com/HT207141
12
reference_url https://support.apple.com/HT207142
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://support.apple.com/HT207142
13
reference_url https://support.apple.com/HT207143
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://support.apple.com/HT207143
14
reference_url https://support.apple.com/HT207170
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://support.apple.com/HT207170
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1384424
reference_id 1384424
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1384424
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553
reference_id 840553
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553
17
reference_url https://security.archlinux.org/ASA-201611-2
reference_id ASA-201611-2
reference_type
scores
url https://security.archlinux.org/ASA-201611-2
18
reference_url https://security.archlinux.org/AVG-56
reference_id AVG-56
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-56
19
reference_url http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4448.html
reference_id CVE-2016-4448.HTML
reference_type
scores
url http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4448.html
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4658
reference_id CVE-2016-4658
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4658
21
reference_url http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html
reference_id CVE-2016-4658.HTML
reference_type
scores
url http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html
22
reference_url http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html
reference_id CVE-2016-5131.HTML
reference_type
scores
url http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html
23
reference_url https://github.com/advisories/GHSA-fr52-4hqw-p27f
reference_id GHSA-fr52-4hqw-p27f
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fr52-4hqw-p27f
24
reference_url https://security.gentoo.org/glsa/201701-37
reference_id GLSA-201701-37
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-37
25
reference_url https://access.redhat.com/errata/RHSA-2021:3810
reference_id RHSA-2021:3810
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3810
26
reference_url https://usn.ubuntu.com/3235-1/
reference_id USN-3235-1
reference_type
scores
url https://usn.ubuntu.com/3235-1/
fixed_packages
aliases CVE-2016-4658, GHSA-fr52-4hqw-p27f
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ecde-c15q-ukh1
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libxml2@2.9.1-6.el7_9%3Farch=6