Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:nuget/libxml2@2.7.8.5
Typenuget
Namespace
Namelibxml2
Version2.7.8.5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1nax-e3jj-ryef
vulnerability_id VCID-1nax-e3jj-ryef
summary 
Use of Externally-Controlled Format String
Format string vulnerability in libxml2 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4448.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4448.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4448
reference_id
reference_type
scores
0
value 0.01546
scoring_system epss
scoring_elements 0.81723
published_at 2026-06-04T12:55:00Z
1
value 0.01546
scoring_system epss
scoring_elements 0.81753
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4448
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1338700
reference_id 1338700
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1338700
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829718
reference_id 829718
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829718
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4448
reference_id CVE-2016-4448
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-4448
7
reference_url https://access.redhat.com/errata/RHSA-2016:1292
reference_id RHSA-2016:1292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1292
8
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
9
reference_url https://usn.ubuntu.com/3235-1/
reference_id USN-3235-1
reference_type
scores
url https://usn.ubuntu.com/3235-1/
fixed_packages
aliases CVE-2016-4448
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1nax-e3jj-ryef
1
url VCID-1zr7-kx71-tkcr
vulnerability_id VCID-1zr7-kx71-tkcr
summary 
Improper Restriction of XML External Entity Reference
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7375.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7375.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7375
reference_id
reference_type
scores
0
value 0.00443
scoring_system epss
scoring_elements 0.63668
published_at 2026-06-05T12:55:00Z
1
value 0.00443
scoring_system epss
scoring_elements 0.63626
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7375
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url http://www.securitytracker.com/id/1038623
reference_id 1038623
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url http://www.securitytracker.com/id/1038623
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1462203
reference_id 1462203
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1462203
12
reference_url https://source.android.com/security/bulletin/2017-06-01
reference_id 2017-06-01
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url https://source.android.com/security/bulletin/2017-06-01
13
reference_url https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa
reference_id 308396a55280f69ad4112d4f9892f4cbeff042aa
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870867
reference_id 870867
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870867
15
reference_url http://www.securityfocus.com/bid/98877
reference_id 98877
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url http://www.securityfocus.com/bid/98877
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7375
reference_id CVE-2017-7375
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-7375
17
reference_url https://www.debian.org/security/2017/dsa-3952
reference_id dsa-3952
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url https://www.debian.org/security/2017/dsa-3952
18
reference_url https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e
reference_id ?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e
19
reference_url https://usn.ubuntu.com/3424-1/
reference_id USN-3424-1
reference_type
scores
url https://usn.ubuntu.com/3424-1/
20
reference_url https://usn.ubuntu.com/3424-2/
reference_id USN-3424-2
reference_type
scores
url https://usn.ubuntu.com/3424-2/
fixed_packages
aliases CVE-2017-7375
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1zr7-kx71-tkcr
2
url VCID-2wkc-xqzc-e3g2
vulnerability_id VCID-2wkc-xqzc-e3g2
summary 
Use After Free
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allow remote attackers to cause a denial of service via a crafted XML document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1837.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1837.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1837
reference_id
reference_type
scores
0
value 0.00521
scoring_system epss
scoring_elements 0.67208
published_at 2026-06-04T12:55:00Z
1
value 0.00521
scoring_system epss
scoring_elements 0.67249
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1837
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1338696
reference_id 1338696
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1338696
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1837
reference_id CVE-2016-1837
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-1837
20
reference_url https://access.redhat.com/errata/RHSA-2016:1292
reference_id RHSA-2016:1292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1292
21
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
22
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-1837
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2wkc-xqzc-e3g2
3
url VCID-3ean-ys5t-bydz
vulnerability_id VCID-3ean-ys5t-bydz
summary 
Out-of-bounds Read
The htmlCurrentChar function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1833.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1833.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1833
reference_id
reference_type
scores
0
value 0.00399
scoring_system epss
scoring_elements 0.61004
published_at 2026-06-04T12:55:00Z
1
value 0.00399
scoring_system epss
scoring_elements 0.61053
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1833
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1338682
reference_id 1338682
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1338682
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1833
reference_id CVE-2016-1833
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-1833
20
reference_url https://access.redhat.com/errata/RHSA-2016:1292
reference_id RHSA-2016:1292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1292
21
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
22
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-1833
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ean-ys5t-bydz
4
url VCID-3s6k-9cgk-dfd6
vulnerability_id VCID-3s6k-9cgk-dfd6
summary 
Use After Free
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service via a crafted XML document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1836.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1836.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1836
reference_id
reference_type
scores
0
value 0.01305
scoring_system epss
scoring_elements 0.80109
published_at 2026-06-04T12:55:00Z
1
value 0.01305
scoring_system epss
scoring_elements 0.80135
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1836
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1338702
reference_id 1338702
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1338702
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1836
reference_id CVE-2016-1836
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-1836
20
reference_url https://access.redhat.com/errata/RHSA-2016:1292
reference_id RHSA-2016:1292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1292
21
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
22
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-1836
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3s6k-9cgk-dfd6
5
url VCID-4sg9-pjmx-6kfy
vulnerability_id VCID-4sg9-pjmx-6kfy
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3541.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3541.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3541
reference_id
reference_type
scores
0
value 0.0006
scoring_system epss
scoring_elements 0.19048
published_at 2026-06-04T12:55:00Z
1
value 0.0006
scoring_system epss
scoring_elements 0.19122
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3541
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1950515
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1950515
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3541
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3541
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://security.netapp.com/advisory/ntap-20210805-0007/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210805-0007/
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988603
reference_id 988603
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988603
7
reference_url https://security.archlinux.org/AVG-1883
reference_id AVG-1883
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1883
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3541
reference_id CVE-2021-3541
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-3541
9
reference_url https://access.redhat.com/errata/RHSA-2021:2569
reference_id RHSA-2021:2569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2569
10
reference_url https://access.redhat.com/errata/RHSA-2022:1389
reference_id RHSA-2022:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1389
11
reference_url https://access.redhat.com/errata/RHSA-2022:1390
reference_id RHSA-2022:1390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1390
12
reference_url https://usn.ubuntu.com/4991-1/
reference_id USN-4991-1
reference_type
scores
url https://usn.ubuntu.com/4991-1/
fixed_packages
aliases CVE-2021-3541
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4sg9-pjmx-6kfy
6
url VCID-512y-x2fd-4uh5
vulnerability_id VCID-512y-x2fd-4uh5
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5130.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5130.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5130
reference_id
reference_type
scores
0
value 0.01165
scoring_system epss
scoring_elements 0.78995
published_at 2026-06-05T12:55:00Z
1
value 0.01165
scoring_system epss
scoring_elements 0.78968
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5130
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5130
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5130
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securityfocus.com/bid/101482
reference_id 101482
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/
url http://www.securityfocus.com/bid/101482
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1503537
reference_id 1503537
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1503537
6
reference_url https://crbug.com/722079
reference_id 722079
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/
url https://crbug.com/722079
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880000
reference_id 880000
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880000
8
reference_url https://security.archlinux.org/ASA-201710-27
reference_id ASA-201710-27
reference_type
scores
url https://security.archlinux.org/ASA-201710-27
9
reference_url https://security.archlinux.org/AVG-456
reference_id AVG-456
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-456
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5130
reference_id CVE-2017-5130
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-5130
11
reference_url https://security.gentoo.org/glsa/201710-24
reference_id GLSA-201710-24
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/
url https://security.gentoo.org/glsa/201710-24
12
reference_url https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed
reference_id ?id=897dffbae322b46b83f99a607d527058a72c51ed
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/
url https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed
13
reference_url https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html
reference_id msg00034.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/
url https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html
14
reference_url https://access.redhat.com/errata/RHSA-2017:2997
reference_id RHSA-2017:2997
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/
url https://access.redhat.com/errata/RHSA-2017:2997
15
reference_url http://bugzilla.gnome.org/show_bug.cgi?id=783026
reference_id show_bug.cgi?id=783026
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/
url http://bugzilla.gnome.org/show_bug.cgi?id=783026
16
reference_url https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html
reference_id stable-channel-update-for-desktop.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/
url https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html
fixed_packages
aliases CVE-2017-5130
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-512y-x2fd-4uh5
7
url VCID-5g9a-2484-rucp
vulnerability_id VCID-5g9a-2484-rucp
summary An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40304.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40304.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40304
reference_id
reference_type
scores
0
value 0.00219
scoring_system epss
scoring_elements 0.44511
published_at 2026-06-04T12:55:00Z
1
value 0.00219
scoring_system epss
scoring_elements 0.44581
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40304
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b
6
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/tags
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url https://gitlab.gnome.org/GNOME/libxml2/-/tags
7
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
8
reference_url https://nokogiri.org/CHANGELOG.html#1139-2022-10-18
reference_id
reference_type
scores
url https://nokogiri.org/CHANGELOG.html#1139-2022-10-18
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022225
reference_id 1022225
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022225
10
reference_url http://seclists.org/fulldisclosure/2022/Dec/21
reference_id 21
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url http://seclists.org/fulldisclosure/2022/Dec/21
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136288
reference_id 2136288
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136288
12
reference_url http://seclists.org/fulldisclosure/2022/Dec/24
reference_id 24
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url http://seclists.org/fulldisclosure/2022/Dec/24
13
reference_url http://seclists.org/fulldisclosure/2022/Dec/25
reference_id 25
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url http://seclists.org/fulldisclosure/2022/Dec/25
14
reference_url http://seclists.org/fulldisclosure/2022/Dec/26
reference_id 26
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url http://seclists.org/fulldisclosure/2022/Dec/26
15
reference_url http://seclists.org/fulldisclosure/2022/Dec/27
reference_id 27
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url http://seclists.org/fulldisclosure/2022/Dec/27
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-40304
reference_id CVE-2022-40304
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-40304
17
reference_url https://security.gentoo.org/glsa/202210-39
reference_id GLSA-202210-39
reference_type
scores
url https://security.gentoo.org/glsa/202210-39
18
reference_url https://support.apple.com/kb/HT213531
reference_id HT213531
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url https://support.apple.com/kb/HT213531
19
reference_url https://support.apple.com/kb/HT213533
reference_id HT213533
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url https://support.apple.com/kb/HT213533
20
reference_url https://support.apple.com/kb/HT213534
reference_id HT213534
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url https://support.apple.com/kb/HT213534
21
reference_url https://support.apple.com/kb/HT213535
reference_id HT213535
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url https://support.apple.com/kb/HT213535
22
reference_url https://support.apple.com/kb/HT213536
reference_id HT213536
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url https://support.apple.com/kb/HT213536
23
reference_url https://security.netapp.com/advisory/ntap-20221209-0003/
reference_id ntap-20221209-0003
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/
url https://security.netapp.com/advisory/ntap-20221209-0003/
24
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
25
reference_url https://access.redhat.com/errata/RHSA-2023:0173
reference_id RHSA-2023:0173
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0173
26
reference_url https://access.redhat.com/errata/RHSA-2023:0338
reference_id RHSA-2023:0338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0338
27
reference_url https://access.redhat.com/errata/RHSA-2024:0413
reference_id RHSA-2024:0413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0413
28
reference_url https://usn.ubuntu.com/5760-1/
reference_id USN-5760-1
reference_type
scores
url https://usn.ubuntu.com/5760-1/
29
reference_url https://usn.ubuntu.com/5760-2/
reference_id USN-5760-2
reference_type
scores
url https://usn.ubuntu.com/5760-2/
fixed_packages
aliases CVE-2022-40304
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5g9a-2484-rucp
8
url VCID-5z25-mem7-hfcx
vulnerability_id VCID-5z25-mem7-hfcx
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 allows context-dependent attackers to cause a denial of service via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7497.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7497.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7497
reference_id
reference_type
scores
0
value 0.01161
scoring_system epss
scoring_elements 0.78938
published_at 2026-06-04T12:55:00Z
1
value 0.01161
scoring_system epss
scoring_elements 0.78965
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7497
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1281862
reference_id 1281862
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1281862
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7497
reference_id CVE-2015-7497
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2015-7497
16
reference_url https://access.redhat.com/errata/RHSA-2015:2549
reference_id RHSA-2015:2549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2549
17
reference_url https://access.redhat.com/errata/RHSA-2015:2550
reference_id RHSA-2015:2550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2550
18
reference_url https://access.redhat.com/errata/RHSA-2016:1089
reference_id RHSA-2016:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1089
19
reference_url https://usn.ubuntu.com/2834-1/
reference_id USN-2834-1
reference_type
scores
url https://usn.ubuntu.com/2834-1/
fixed_packages
aliases CVE-2015-7497
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5z25-mem7-hfcx
9
url VCID-6bw6-4huq-dqex
vulnerability_id VCID-6bw6-4huq-dqex
summary 
Improper Restriction of XML External Entity Reference
libxml2, as used in XMLSec and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9318.json
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9318.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9318
reference_id
reference_type
scores
0
value 0.00119
scoring_system epss
scoring_elements 0.30308
published_at 2026-06-04T12:55:00Z
1
value 0.00119
scoring_system epss
scoring_elements 0.30382
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9318
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1395609
reference_id 1395609
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1395609
5
reference_url https://usn.ubuntu.com/3739-2/
reference_id 3739-2
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/
url https://usn.ubuntu.com/3739-2/
6
reference_url https://github.com/lsh123/xmlsec/issues/43
reference_id 43
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/
url https://github.com/lsh123/xmlsec/issues/43
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844581
reference_id 844581
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844581
8
reference_url http://www.securityfocus.com/bid/94347
reference_id 94347
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/
url http://www.securityfocus.com/bid/94347
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9318
reference_id CVE-2016-9318
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-9318
10
reference_url https://bugzilla.gnome.org/show_bug.cgi?id=772726
reference_id show_bug.cgi?id=772726
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/
url https://bugzilla.gnome.org/show_bug.cgi?id=772726
fixed_packages
aliases CVE-2016-9318
risk_score 3.0
exploitability 0.5
weighted_severity 6.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6bw6-4huq-dqex
10
url VCID-6hc4-jdej-gkcp
vulnerability_id VCID-6hc4-jdej-gkcp
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
The xmlNextChar function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1762.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1762.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1762
reference_id
reference_type
scores
0
value 0.02419
scoring_system epss
scoring_elements 0.854
published_at 2026-06-04T12:55:00Z
1
value 0.02419
scoring_system epss
scoring_elements 0.85424
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1762
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url http://www.securitytracker.com/id/1035353
reference_id 1035353
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/
url http://www.securitytracker.com/id/1035353
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1338711
reference_id 1338711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1338711
20
reference_url http://www.securityfocus.com/bid/85059
reference_id 85059
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/
url http://www.securityfocus.com/bid/85059
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1762
reference_id CVE-2016-1762
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-1762
22
reference_url https://support.apple.com/HT206171
reference_id HT206171
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/
url https://support.apple.com/HT206171
23
reference_url https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602
reference_id ?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/
url https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602
24
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10170
reference_id index?page=content&id=SB10170
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/
url https://kc.mcafee.com/corporate/index?page=content&id=SB10170
25
reference_url http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html
reference_id msg00005.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/
url http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html
26
reference_url http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id ovmbulletinjul2016-3090546.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/
url http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
27
reference_url https://access.redhat.com/errata/RHSA-2016:1292
reference_id RHSA-2016:1292
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/
url https://access.redhat.com/errata/RHSA-2016:1292
28
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
29
reference_url http://rhn.redhat.com/errata/RHSA-2016-2957.html
reference_id RHSA-2016-2957.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/
url http://rhn.redhat.com/errata/RHSA-2016-2957.html
30
reference_url https://bugzilla.gnome.org/show_bug.cgi?id=759671
reference_id show_bug.cgi?id=759671
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/
url https://bugzilla.gnome.org/show_bug.cgi?id=759671
31
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-1762
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6hc4-jdej-gkcp
11
url VCID-6t8y-27ba-cfa2
vulnerability_id VCID-6t8y-27ba-cfa2
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3537.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3537.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3537
reference_id
reference_type
scores
0
value 0.00111
scoring_system epss
scoring_elements 0.29146
published_at 2026-06-04T12:55:00Z
1
value 0.00111
scoring_system epss
scoring_elements 0.29216
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3537
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1956522
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1956522
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3537.yml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3537.yml
6
reference_url https://github.com/sparklemotion/nokogiri
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri
7
reference_url https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722
8
reference_url https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
13
reference_url https://nokogiri.org/CHANGELOG.html#1114-2021-05-14
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements
1
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nokogiri.org/CHANGELOG.html#1114-2021-05-14
14
reference_url https://security.gentoo.org/glsa/202107-05
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202107-05
15
reference_url https://security.netapp.com/advisory/ntap-20210625-0002
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210625-0002
16
reference_url https://security.netapp.com/advisory/ntap-20210625-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210625-0002/
17
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
18
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
19
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988123
reference_id 988123
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988123
21
reference_url https://security.archlinux.org/AVG-1883
reference_id AVG-1883
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1883
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3537
reference_id CVE-2021-3537
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3537
23
reference_url https://github.com/advisories/GHSA-286v-pcf5-25rc
reference_id GHSA-286v-pcf5-25rc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-286v-pcf5-25rc
24
reference_url https://access.redhat.com/errata/RHSA-2021:2569
reference_id RHSA-2021:2569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2569
25
reference_url https://access.redhat.com/errata/RHSA-2022:1389
reference_id RHSA-2022:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1389
26
reference_url https://access.redhat.com/errata/RHSA-2022:1390
reference_id RHSA-2022:1390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1390
27
reference_url https://usn.ubuntu.com/4991-1/
reference_id USN-4991-1
reference_type
scores
url https://usn.ubuntu.com/4991-1/
fixed_packages
aliases CVE-2021-3537, GHSA-286v-pcf5-25rc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6t8y-27ba-cfa2
12
url VCID-8719-hux3-fugq
vulnerability_id VCID-8719-hux3-fugq
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7498.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7498.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7498
reference_id
reference_type
scores
0
value 0.01161
scoring_system epss
scoring_elements 0.78938
published_at 2026-06-04T12:55:00Z
1
value 0.01161
scoring_system epss
scoring_elements 0.78965
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7498
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1281879
reference_id 1281879
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1281879
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7498
reference_id CVE-2015-7498
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2015-7498
16
reference_url https://access.redhat.com/errata/RHSA-2015:2549
reference_id RHSA-2015:2549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2549
17
reference_url https://access.redhat.com/errata/RHSA-2015:2550
reference_id RHSA-2015:2550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2550
18
reference_url https://access.redhat.com/errata/RHSA-2016:1089
reference_id RHSA-2016:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1089
19
reference_url https://usn.ubuntu.com/2834-1/
reference_id USN-2834-1
reference_type
scores
url https://usn.ubuntu.com/2834-1/
fixed_packages
aliases CVE-2015-7498
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8719-hux3-fugq
13
url VCID-9m3t-anwb-4fbx
vulnerability_id VCID-9m3t-anwb-4fbx
summary arbitrary code execution
references
0
reference_url http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html
1
reference_url http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html
2
reference_url http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html
3
reference_url http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4658.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4658.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4658
reference_id
reference_type
scores
0
value 0.15391
scoring_system epss
scoring_elements 0.94776
published_at 2026-06-05T12:55:00Z
1
value 0.15391
scoring_system epss
scoring_elements 0.94767
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4658
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b
10
reference_url https://github.com/sparklemotion/nokogiri/issues/1615
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/1615
11
reference_url https://security.gentoo.org/glsa/201701-37
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-37
12
reference_url https://support.apple.com/HT207141
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://support.apple.com/HT207141
13
reference_url https://support.apple.com/HT207142
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://support.apple.com/HT207142
14
reference_url https://support.apple.com/HT207143
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://support.apple.com/HT207143
15
reference_url https://support.apple.com/HT207170
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://support.apple.com/HT207170
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1384424
reference_id 1384424
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1384424
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553
reference_id 840553
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553
18
reference_url https://security.archlinux.org/ASA-201611-2
reference_id ASA-201611-2
reference_type
scores
url https://security.archlinux.org/ASA-201611-2
19
reference_url https://security.archlinux.org/AVG-56
reference_id AVG-56
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-56
20
reference_url http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4448.html
reference_id CVE-2016-4448.HTML
reference_type
scores
url http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4448.html
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4658
reference_id CVE-2016-4658
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4658
22
reference_url http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html
reference_id CVE-2016-4658.HTML
reference_type
scores
url http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html
23
reference_url http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html
reference_id CVE-2016-5131.HTML
reference_type
scores
url http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html
24
reference_url https://github.com/advisories/GHSA-fr52-4hqw-p27f
reference_id GHSA-fr52-4hqw-p27f
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fr52-4hqw-p27f
25
reference_url https://access.redhat.com/errata/RHSA-2021:3810
reference_id RHSA-2021:3810
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3810
26
reference_url https://usn.ubuntu.com/3235-1/
reference_id USN-3235-1
reference_type
scores
url https://usn.ubuntu.com/3235-1/
fixed_packages
aliases CVE-2016-4658, GHSA-fr52-4hqw-p27f
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9m3t-anwb-4fbx
14
url VCID-9usm-m2ey-7qad
vulnerability_id VCID-9usm-m2ey-7qad
summary 
Missing Release of Memory after Effective Lifetime
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 has a memory leak related to newDoc->oldNs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19956.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19956.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19956
reference_id
reference_type
scores
0
value 0.0021
scoring_system epss
scoring_elements 0.43462
published_at 2026-06-05T12:55:00Z
1
value 0.0021
scoring_system epss
scoring_elements 0.43389
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19956
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1788856
reference_id 1788856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1788856
5
reference_url https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549
reference_id 5a02583c7e683896d84878bd90641d8d9b0d0549
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/
url https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/
reference_id 5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19956
reference_id CVE-2019-19956
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2019-19956
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/
reference_id JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/
9
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html
reference_id msg00005.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html
10
reference_url https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html
reference_id msg00032.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/
url https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html
11
reference_url https://security.netapp.com/advisory/ntap-20200114-0002/
reference_id ntap-20200114-0002
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/
url https://security.netapp.com/advisory/ntap-20200114-0002/
12
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
13
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
14
reference_url https://access.redhat.com/errata/RHSA-2020:3996
reference_id RHSA-2020:3996
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3996
15
reference_url https://access.redhat.com/errata/RHSA-2020:4479
reference_id RHSA-2020:4479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4479
16
reference_url https://access.redhat.com/errata/RHSA-2021:0949
reference_id RHSA-2021:0949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0949
fixed_packages
aliases CVE-2019-19956
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9usm-m2ey-7qad
15
url VCID-a611-3sqz-bkac
vulnerability_id VCID-a611-3sqz-bkac
summary 
Improper Input Validation
The xmlStringGetNodeList function in tree.c in libxml2, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3627.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3627.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3627
reference_id
reference_type
scores
0
value 0.00086
scoring_system epss
scoring_elements 0.24968
published_at 2026-06-05T12:55:00Z
1
value 0.00086
scoring_system epss
scoring_elements 0.24873
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3627
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
19
reference_url http://seclists.org/fulldisclosure/2016/May/10
reference_id 10
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/
url http://seclists.org/fulldisclosure/2016/May/10
20
reference_url http://www.securitytracker.com/id/1035335
reference_id 1035335
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/
url http://www.securitytracker.com/id/1035335
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1319829
reference_id 1319829
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1319829
22
reference_url http://www.openwall.com/lists/oss-security/2016/03/21/2
reference_id 2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/
url http://www.openwall.com/lists/oss-security/2016/03/21/2
23
reference_url http://www.openwall.com/lists/oss-security/2016/03/21/3
reference_id 3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/
url http://www.openwall.com/lists/oss-security/2016/03/21/3
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819006
reference_id 819006
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819006
25
reference_url http://www.securityfocus.com/bid/84992
reference_id 84992
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/
url http://www.securityfocus.com/bid/84992
26
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3627
reference_id CVE-2016-3627
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-3627
27
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239
reference_id docDisplay?docId=emr_na-c05157239
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239
28
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10170
reference_id index?page=content&id=SB10170
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/
url https://kc.mcafee.com/corporate/index?page=content&id=SB10170
29
reference_url http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html
reference_id msg00055.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/
url http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html
30
reference_url http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html
reference_id msg00127.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/
url http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html
31
reference_url http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id ovmbulletinjul2016-3090546.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/
url http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
32
reference_url https://access.redhat.com/errata/RHSA-2016:1292
reference_id RHSA-2016:1292
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/
url https://access.redhat.com/errata/RHSA-2016:1292
33
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
34
reference_url http://rhn.redhat.com/errata/RHSA-2016-2957.html
reference_id RHSA-2016-2957.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/
url http://rhn.redhat.com/errata/RHSA-2016-2957.html
35
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-3627
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a611-3sqz-bkac
16
url VCID-akrb-6bu8-nqfq
vulnerability_id VCID-akrb-6bu8-nqfq
summary 
NULL Pointer Dereference
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:1543
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/
url https://access.redhat.com/errata/RHSA-2019:1543
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14404.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14404.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14404
reference_id
reference_type
scores
0
value 0.20012
scoring_system epss
scoring_elements 0.95589
published_at 2026-06-04T12:55:00Z
1
value 0.20012
scoring_system epss
scoring_elements 0.95595
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14404
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1595985
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1595985
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/sparklemotion/nokogiri/issues/1785
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/1785
8
reference_url https://gitlab.gnome.org/GNOME/libxml2/issues/10
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/
url https://gitlab.gnome.org/GNOME/libxml2/issues/10
9
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/
url https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html
10
reference_url https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/
url https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html
11
reference_url https://security.netapp.com/advisory/ntap-20190719-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190719-0002
12
reference_url https://usn.ubuntu.com/3739-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3739-1
13
reference_url https://usn.ubuntu.com/3739-2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3739-2
14
reference_url https://usn.ubuntu.com/3739-2/
reference_id 3739-2
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/
url https://usn.ubuntu.com/3739-2/
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14404
reference_id CVE-2018-14404
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14404
16
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-14404.yml
reference_id CVE-2018-14404.YML
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-14404.yml
17
reference_url https://github.com/advisories/GHSA-6qvp-r6r3-9p7h
reference_id GHSA-6qvp-r6r3-9p7h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6qvp-r6r3-9p7h
18
reference_url https://security.netapp.com/advisory/ntap-20190719-0002/
reference_id ntap-20190719-0002
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/
url https://security.netapp.com/advisory/ntap-20190719-0002/
19
reference_url https://access.redhat.com/errata/RHSA-2020:1190
reference_id RHSA-2020:1190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1190
20
reference_url https://access.redhat.com/errata/RHSA-2020:1827
reference_id RHSA-2020:1827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1827
fixed_packages
aliases CVE-2018-14404, GHSA-6qvp-r6r3-9p7h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-akrb-6bu8-nqfq
17
url VCID-anzu-y37j-dbc2
vulnerability_id VCID-anzu-y37j-dbc2
summary 
Improper Input Validation
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4449.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4449.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4449
reference_id
reference_type
scores
0
value 0.00124
scoring_system epss
scoring_elements 0.31125
published_at 2026-06-04T12:55:00Z
1
value 0.00124
scoring_system epss
scoring_elements 0.31193
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4449
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1338701
reference_id 1338701
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1338701
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4449
reference_id CVE-2016-4449
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-4449
21
reference_url https://access.redhat.com/errata/RHSA-2016:1292
reference_id RHSA-2016:1292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1292
22
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
23
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-4449
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-anzu-y37j-dbc2
18
url VCID-bgcq-x9bd-83ap
vulnerability_id VCID-bgcq-x9bd-83ap
summary arbitrary code execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23308.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23308.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23308
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22494
published_at 2026-06-04T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22578
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23308
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
reference_id
reference_type
scores
url https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e
5
reference_url https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2
reference_id
reference_type
scores
url https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2
6
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
reference_id
reference_type
scores
url https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006489
reference_id 1006489
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006489
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2056913
reference_id 2056913
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2056913
9
reference_url https://security.archlinux.org/AVG-2726
reference_id AVG-2726
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2726
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23308
reference_id CVE-2022-23308
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-23308
11
reference_url https://security.gentoo.org/glsa/202210-03
reference_id GLSA-202210-03
reference_type
scores
url https://security.gentoo.org/glsa/202210-03
12
reference_url https://access.redhat.com/errata/RHSA-2022:0899
reference_id RHSA-2022:0899
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0899
13
reference_url https://access.redhat.com/errata/RHSA-2022:1389
reference_id RHSA-2022:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1389
14
reference_url https://access.redhat.com/errata/RHSA-2022:1390
reference_id RHSA-2022:1390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1390
15
reference_url https://usn.ubuntu.com/5324-1/
reference_id USN-5324-1
reference_type
scores
url https://usn.ubuntu.com/5324-1/
16
reference_url https://usn.ubuntu.com/5422-1/
reference_id USN-5422-1
reference_type
scores
url https://usn.ubuntu.com/5422-1/
fixed_packages
aliases CVE-2022-23308
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bgcq-x9bd-83ap
19
url VCID-bksc-y3j7-ufek
vulnerability_id VCID-bksc-y3j7-ufek
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
The xmlParseMisc function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7500.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7500.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7500
reference_id
reference_type
scores
0
value 0.01397
scoring_system epss
scoring_elements 0.80737
published_at 2026-06-04T12:55:00Z
1
value 0.01397
scoring_system epss
scoring_elements 0.80764
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7500
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1281943
reference_id 1281943
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1281943
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7500
reference_id CVE-2015-7500
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2015-7500
16
reference_url https://access.redhat.com/errata/RHSA-2015:2549
reference_id RHSA-2015:2549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2549
17
reference_url https://access.redhat.com/errata/RHSA-2015:2550
reference_id RHSA-2015:2550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2550
18
reference_url https://access.redhat.com/errata/RHSA-2016:1089
reference_id RHSA-2016:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1089
19
reference_url https://usn.ubuntu.com/2834-1/
reference_id USN-2834-1
reference_type
scores
url https://usn.ubuntu.com/2834-1/
fixed_packages
aliases CVE-2015-7500
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bksc-y3j7-ufek
20
url VCID-bwrv-burs-sqg6
vulnerability_id VCID-bwrv-burs-sqg6
summary 
Uncontrolled Resource Consumption
libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9596.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9596.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9596
reference_id
reference_type
scores
0
value 0.00673
scoring_system epss
scoring_elements 0.71813
published_at 2026-06-04T12:55:00Z
1
value 0.00673
scoring_system epss
scoring_elements 0.71852
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9596
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1408302
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1408302
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9596
reference_id CVE-2016-9596
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-9596
fixed_packages
aliases CVE-2016-9596
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bwrv-burs-sqg6
21
url VCID-d39h-k44d-8kgx
vulnerability_id VCID-d39h-k44d-8kgx
summary 
Uncontrolled Resource Consumption
libxml2, as used in Google Chrome, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2871.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2871.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2871
reference_id
reference_type
scores
0
value 0.00783
scoring_system epss
scoring_elements 0.74106
published_at 2026-06-04T12:55:00Z
1
value 0.00783
scoring_system epss
scoring_elements 0.7414
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2871
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2871
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2871
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689422
reference_id 689422
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689422
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=852935
reference_id 852935
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=852935
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-2871
reference_id CVE-2012-2871
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2012-2871
6
reference_url https://security.gentoo.org/glsa/201311-06
reference_id GLSA-201311-06
reference_type
scores
url https://security.gentoo.org/glsa/201311-06
7
reference_url https://access.redhat.com/errata/RHSA-2012:1265
reference_id RHSA-2012:1265
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1265
8
reference_url https://usn.ubuntu.com/1595-1/
reference_id USN-1595-1
reference_type
scores
url https://usn.ubuntu.com/1595-1/
fixed_packages
aliases CVE-2012-2871
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d39h-k44d-8kgx
22
url VCID-ds9f-6ppp-5fax
vulnerability_id VCID-ds9f-6ppp-5fax
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
Heap-based buffer overflow in the xmlStrncat function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1834.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1834.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1834
reference_id
reference_type
scores
0
value 0.02308
scoring_system epss
scoring_elements 0.85076
published_at 2026-06-05T12:55:00Z
1
value 0.02308
scoring_system epss
scoring_elements 0.85052
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1834
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
19
reference_url http://www.securitytracker.com/id/1035890
reference_id 1035890
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url http://www.securitytracker.com/id/1035890
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1338708
reference_id 1338708
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1338708
21
reference_url http://www.securityfocus.com/bid/90691
reference_id 90691
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url http://www.securityfocus.com/bid/90691
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1834
reference_id CVE-2016-1834
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-1834
23
reference_url https://support.apple.com/HT206564
reference_id HT206564
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url https://support.apple.com/HT206564
24
reference_url https://support.apple.com/HT206566
reference_id HT206566
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url https://support.apple.com/HT206566
25
reference_url https://support.apple.com/HT206567
reference_id HT206567
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url https://support.apple.com/HT206567
26
reference_url https://support.apple.com/HT206568
reference_id HT206568
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url https://support.apple.com/HT206568
27
reference_url https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704
reference_id ?id=8fbbf5513d609c1770b391b99e33314cd0742704
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704
28
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10170
reference_id index?page=content&id=SB10170
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url https://kc.mcafee.com/corporate/index?page=content&id=SB10170
29
reference_url http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url http://lists.apple.com/archives/security-announce/2016/May/msg00001.html
30
reference_url http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
reference_id msg00002.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url http://lists.apple.com/archives/security-announce/2016/May/msg00002.html
31
reference_url http://lists.apple.com/archives/security-announce/2016/May/msg00003.html
reference_id msg00003.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url http://lists.apple.com/archives/security-announce/2016/May/msg00003.html
32
reference_url http://lists.apple.com/archives/security-announce/2016/May/msg00004.html
reference_id msg00004.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url http://lists.apple.com/archives/security-announce/2016/May/msg00004.html
33
reference_url http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id ovmbulletinjul2016-3090546.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
34
reference_url https://access.redhat.com/errata/RHSA-2016:1292
reference_id RHSA-2016:1292
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url https://access.redhat.com/errata/RHSA-2016:1292
35
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
36
reference_url http://rhn.redhat.com/errata/RHSA-2016-2957.html
reference_id RHSA-2016-2957.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url http://rhn.redhat.com/errata/RHSA-2016-2957.html
37
reference_url https://bugzilla.gnome.org/show_bug.cgi?id=763071
reference_id show_bug.cgi?id=763071
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/
url https://bugzilla.gnome.org/show_bug.cgi?id=763071
38
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-1834
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ds9f-6ppp-5fax
23
url VCID-e8w6-ax3x-wqan
vulnerability_id VCID-e8w6-ax3x-wqan
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3517.json
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3517.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3517
reference_id
reference_type
scores
0
value 0.00107
scoring_system epss
scoring_elements 0.28493
published_at 2026-06-05T12:55:00Z
1
value 0.00107
scoring_system epss
scoring_elements 0.28421
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3517
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1954232
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements
1
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1954232
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3517.yml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3517.yml
6
reference_url https://github.com/sparklemotion/nokogiri
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri
7
reference_url https://github.com/sparklemotion/nokogiri/blob/7c19ef5cc6b7c5c36827dd5495f857c6877ec8cf/CHANGELOG.md?plain=1#L579
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/blob/7c19ef5cc6b7c5c36827dd5495f857c6877ec8cf/CHANGELOG.md?plain=1#L579
8
reference_url https://github.com/sparklemotion/nokogiri/issues/2233
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/2233
9
reference_url https://github.com/sparklemotion/nokogiri/issues/2274
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/2274
10
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e
11
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
13
reference_url https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
18
reference_url https://security.gentoo.org/glsa/202107-05
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://security.gentoo.org/glsa/202107-05
19
reference_url https://security.netapp.com/advisory/ntap-20210625-0002
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210625-0002
20
reference_url https://security.netapp.com/advisory/ntap-20210625-0002/
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://security.netapp.com/advisory/ntap-20210625-0002/
21
reference_url https://security.netapp.com/advisory/ntap-20211022-0004
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20211022-0004
22
reference_url https://security.netapp.com/advisory/ntap-20211022-0004/
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://security.netapp.com/advisory/ntap-20211022-0004/
23
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://www.oracle.com/security-alerts/cpuapr2022.html
24
reference_url https://www.oracle.com/security-alerts/cpujan2022.html
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://www.oracle.com/security-alerts/cpujan2022.html
25
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://www.oracle.com/security-alerts/cpujul2022.html
26
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://www.oracle.com/security-alerts/cpuoct2021.html
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987738
reference_id 987738
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987738
28
reference_url https://security.archlinux.org/AVG-1883
reference_id AVG-1883
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1883
29
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
reference_id BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3517
reference_id CVE-2021-3517
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3517
31
reference_url https://github.com/advisories/GHSA-jw9f-hh49-cvp9
reference_id GHSA-jw9f-hh49-cvp9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jw9f-hh49-cvp9
32
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
reference_id QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
33
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_id r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_id rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
35
reference_url https://access.redhat.com/errata/RHSA-2021:2569
reference_id RHSA-2021:2569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2569
36
reference_url https://access.redhat.com/errata/RHSA-2022:1389
reference_id RHSA-2022:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1389
37
reference_url https://access.redhat.com/errata/RHSA-2022:1390
reference_id RHSA-2022:1390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1390
38
reference_url https://usn.ubuntu.com/4991-1/
reference_id USN-4991-1
reference_type
scores
url https://usn.ubuntu.com/4991-1/
fixed_packages
aliases CVE-2021-3517, GHSA-jw9f-hh49-cvp9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e8w6-ax3x-wqan
24
url VCID-efx2-bpu9-z7a4
vulnerability_id VCID-efx2-bpu9-z7a4
summary 
Vulnerabilities in libxml2
Several vulnerabilities were discovered in the libxml2 library that this package gem depends on.
references
0
reference_url http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
3
reference_url http://marc.info/?l=bugtraq&m=145382616617563&w=2
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=145382616617563&w=2
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-2549.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-2549.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-2550.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-2550.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5312.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5312.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5312
reference_id
reference_type
scores
0
value 0.01078
scoring_system epss
scoring_elements 0.78187
published_at 2026-06-05T12:55:00Z
1
value 0.01078
scoring_system epss
scoring_elements 0.7816
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5312
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1276693
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1276693
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
21
reference_url https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e
22
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-5312.yml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-5312.yml
23
reference_url https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5
reference_id
reference_type
scores
url https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5
24
reference_url https://github.com/sparklemotion/nokogiri/pull/1378
reference_id
reference_type
scores
url https://github.com/sparklemotion/nokogiri/pull/1378
25
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s
26
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172
27
reference_url https://security.gentoo.org/glsa/201701-37
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-37
28
reference_url https://support.apple.com/HT206166
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/HT206166
29
reference_url https://support.apple.com/HT206167
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/HT206167
30
reference_url https://support.apple.com/HT206168
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/HT206168
31
reference_url https://support.apple.com/HT206169
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/HT206169
32
reference_url http://www.debian.org/security/2015/dsa-3430
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3430
33
reference_url http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
34
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
35
reference_url http://www.ubuntu.com/usn/USN-2834-1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2834-1
36
reference_url http://xmlsoft.org/news.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://xmlsoft.org/news.html
37
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5312
reference_id CVE-2015-5312
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5312
38
reference_url https://github.com/advisories/GHSA-xjqg-9jvg-fgx2
reference_id GHSA-xjqg-9jvg-fgx2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xjqg-9jvg-fgx2
39
reference_url https://access.redhat.com/errata/RHSA-2015:2549
reference_id RHSA-2015:2549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2549
40
reference_url https://access.redhat.com/errata/RHSA-2015:2550
reference_id RHSA-2015:2550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2550
41
reference_url https://access.redhat.com/errata/RHSA-2016:1089
reference_id RHSA-2016:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1089
42
reference_url https://usn.ubuntu.com/2834-1/
reference_id USN-2834-1
reference_type
scores
url https://usn.ubuntu.com/2834-1/
fixed_packages
aliases CVE-2015-5312, GHSA-xjqg-9jvg-fgx2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-efx2-bpu9-z7a4
25
url VCID-egft-crba-6ubx
vulnerability_id VCID-egft-crba-6ubx
summary 
Uncontrolled Resource Consumption
dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "<!DOCTYPE html" substring in a crafted HTML document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8806.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8806.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8806
reference_id
reference_type
scores
0
value 0.08565
scoring_system epss
scoring_elements 0.92549
published_at 2026-06-04T12:55:00Z
1
value 0.08565
scoring_system epss
scoring_elements 0.92562
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8806
2
reference_url https://bugzilla.gnome.org/show_bug.cgi?id=749115
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.gnome.org/show_bug.cgi?id=749115
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
19
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
20
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-8806.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-8806.yml
21
reference_url https://github.com/sparklemotion/nokogiri
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri
22
reference_url https://github.com/sparklemotion/nokogiri/commit/03d402212707bd5dfa0a21b7de5e91a7f9d90028
reference_id
reference_type
scores
url https://github.com/sparklemotion/nokogiri/commit/03d402212707bd5dfa0a21b7de5e91a7f9d90028
23
reference_url https://github.com/sparklemotion/nokogiri/issues/1473
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/1473
24
reference_url https://mail.gnome.org/archives/xml/2016-May/msg00023.html
reference_id
reference_type
scores
url https://mail.gnome.org/archives/xml/2016-May/msg00023.html
25
reference_url https://security.gentoo.org/glsa/201701-37
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-37
26
reference_url https://web.archive.org/web/20160928171015/http://www.securityfocus.com/bid/82071
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160928171015/http://www.securityfocus.com/bid/82071
27
reference_url https://www.debian.org/security/2016/dsa-3593
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2016/dsa-3593
28
reference_url http://www.openwall.com/lists/oss-security/2016/02/03/5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/02/03/5
29
reference_url http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
30
reference_url http://www.ubuntu.com/usn/usn-2994-1/
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/usn-2994-1/
31
reference_url http://www.ubuntu.com/usn/USN-2994-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2994-1
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1304636
reference_id 1304636
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1304636
33
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813613
reference_id 813613
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813613
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8806
reference_id CVE-2015-8806
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-8806
35
reference_url https://github.com/advisories/GHSA-7hp2-xwpj-95jq
reference_id GHSA-7hp2-xwpj-95jq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7hp2-xwpj-95jq
36
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2015-8806, GHSA-7hp2-xwpj-95jq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-egft-crba-6ubx
26
url VCID-ezzm-sgz4-xbaa
vulnerability_id VCID-ezzm-sgz4-xbaa
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2073.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2073.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2073
reference_id
reference_type
scores
0
value 0.01506
scoring_system epss
scoring_elements 0.81497
published_at 2026-06-04T12:55:00Z
1
value 0.01506
scoring_system epss
scoring_elements 0.81525
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2073
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1301928
reference_id 1301928
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1301928
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812807
reference_id 812807
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812807
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2073
reference_id CVE-2016-2073
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-2073
22
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-2073
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ezzm-sgz4-xbaa
27
url VCID-f8q4-hk9r-6be4
vulnerability_id VCID-f8q4-hk9r-6be4
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
The xmlNextChar function in libxml2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8241.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8241.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8241
reference_id
reference_type
scores
0
value 0.00843
scoring_system epss
scoring_elements 0.75111
published_at 2026-06-04T12:55:00Z
1
value 0.00843
scoring_system epss
scoring_elements 0.7514
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8241
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
14
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1281936
reference_id 1281936
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1281936
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806384
reference_id 806384
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806384
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8241
reference_id CVE-2015-8241
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2015-8241
18
reference_url https://access.redhat.com/errata/RHSA-2015:2549
reference_id RHSA-2015:2549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2549
19
reference_url https://access.redhat.com/errata/RHSA-2015:2550
reference_id RHSA-2015:2550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2550
20
reference_url https://access.redhat.com/errata/RHSA-2016:1089
reference_id RHSA-2016:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1089
21
reference_url https://usn.ubuntu.com/2834-1/
reference_id USN-2834-1
reference_type
scores
url https://usn.ubuntu.com/2834-1/
fixed_packages
aliases CVE-2015-8241
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f8q4-hk9r-6be4
28
url VCID-fn1n-adz5-5fcy
vulnerability_id VCID-fn1n-adz5-5fcy
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-2549.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-2549.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-2550.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-2550.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7499.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7499.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7499
reference_id
reference_type
scores
0
value 0.00714
scoring_system epss
scoring_elements 0.72758
published_at 2026-06-05T12:55:00Z
1
value 0.00714
scoring_system epss
scoring_elements 0.7272
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7499
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1281925
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1281925
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
19
reference_url https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc
20
reference_url https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da
21
reference_url https://github.com/advisories/GHSA-jxjr-5h69-qw3w
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-jxjr-5h69-qw3w
22
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-7499.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-7499.yml
23
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM
24
reference_url https://security.gentoo.org/glsa/201701-37
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201701-37
25
reference_url https://web.archive.org/web/20210724022841/http://www.securityfocus.com/bid/79509
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210724022841/http://www.securityfocus.com/bid/79509
26
reference_url https://web.archive.org/web/20211205133229/https://securitytracker.com/id/1034243
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20211205133229/https://securitytracker.com/id/1034243
27
reference_url http://www.debian.org/security/2015/dsa-3430
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3430
28
reference_url http://www.ubuntu.com/usn/USN-2834-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2834-1
29
reference_url http://xmlsoft.org/news.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://xmlsoft.org/news.html
30
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7499
reference_id CVE-2015-7499
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7499
31
reference_url https://access.redhat.com/errata/RHSA-2015:2549
reference_id RHSA-2015:2549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2549
32
reference_url https://access.redhat.com/errata/RHSA-2015:2550
reference_id RHSA-2015:2550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2550
33
reference_url https://access.redhat.com/errata/RHSA-2016:1089
reference_id RHSA-2016:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1089
34
reference_url https://usn.ubuntu.com/2834-1/
reference_id USN-2834-1
reference_type
scores
url https://usn.ubuntu.com/2834-1/
35
reference_url https://usn.ubuntu.com/2875-1/
reference_id USN-2875-1
reference_type
scores
url https://usn.ubuntu.com/2875-1/
fixed_packages
aliases CVE-2015-7499, GHSA-jxjr-5h69-qw3w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fn1n-adz5-5fcy
29
url VCID-frer-xevm-x7f7
vulnerability_id VCID-frer-xevm-x7f7
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7376.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7376.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7376
reference_id
reference_type
scores
0
value 0.38332
scoring_system epss
scoring_elements 0.97316
published_at 2026-06-04T12:55:00Z
1
value 0.38332
scoring_system epss
scoring_elements 0.9732
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7376
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:N/A:P
1
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1462216
reference_id 1462216
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1462216
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870865
reference_id 870865
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870865
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7376
reference_id CVE-2017-7376
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-7376
13
reference_url https://usn.ubuntu.com/3424-1/
reference_id USN-3424-1
reference_type
scores
url https://usn.ubuntu.com/3424-1/
14
reference_url https://usn.ubuntu.com/3424-2/
reference_id USN-3424-2
reference_type
scores
url https://usn.ubuntu.com/3424-2/
fixed_packages
aliases CVE-2017-7376
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-frer-xevm-x7f7
30
url VCID-gfk4-86ze-3bdx
vulnerability_id VCID-gfk4-86ze-3bdx
summary arbitrary code execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29824.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29824.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-29824
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22549
published_at 2026-06-04T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22632
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-29824
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
reference_id
reference_type
scores
url https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab
5
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
reference_id
reference_type
scores
url https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd
6
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
reference_id
reference_type
scores
url https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14
7
reference_url https://gitlab.gnome.org/GNOME/libxslt/-/tags
reference_id
reference_type
scores
url https://gitlab.gnome.org/GNOME/libxslt/-/tags
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010526
reference_id 1010526
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010526
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2082158
reference_id 2082158
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2082158
11
reference_url https://security.archlinux.org/AVG-2726
reference_id AVG-2726
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2726
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-29824
reference_id CVE-2022-29824
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-29824
13
reference_url https://security.gentoo.org/glsa/202210-03
reference_id GLSA-202210-03
reference_type
scores
url https://security.gentoo.org/glsa/202210-03
14
reference_url https://access.redhat.com/errata/RHSA-2022:5250
reference_id RHSA-2022:5250
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5250
15
reference_url https://access.redhat.com/errata/RHSA-2022:5317
reference_id RHSA-2022:5317
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5317
16
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
17
reference_url https://usn.ubuntu.com/5422-1/
reference_id USN-5422-1
reference_type
scores
url https://usn.ubuntu.com/5422-1/
fixed_packages
aliases CVE-2022-29824
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gfk4-86ze-3bdx
31
url VCID-j98t-paam-97ec
vulnerability_id VCID-j98t-paam-97ec
summary 
Allocation of Resources Without Limits or Throttling
The xz_head function in xzlib.c in libxml2 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18258.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18258.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-18258
reference_id
reference_type
scores
0
value 0.00898
scoring_system epss
scoring_elements 0.76045
published_at 2026-06-05T12:55:00Z
1
value 0.00898
scoring_system epss
scoring_elements 0.7602
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-18258
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-18258.yml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-18258.yml
6
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10284
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://kc.mcafee.com/corporate/index?page=content&id=SB10284
7
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html
8
reference_url https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html
9
reference_url https://security.netapp.com/advisory/ntap-20190719-0001
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190719-0001
10
reference_url https://security.netapp.com/advisory/ntap-20190719-0001/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190719-0001/
11
reference_url https://usn.ubuntu.com/3739-1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3739-1
12
reference_url https://usn.ubuntu.com/3739-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3739-1/
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1566749
reference_id 1566749
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1566749
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895245
reference_id 895245
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895245
15
reference_url https://security.archlinux.org/AVG-671
reference_id AVG-671
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-671
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-18258
reference_id CVE-2017-18258
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-18258
17
reference_url https://github.com/advisories/GHSA-882p-jqgm-f45g
reference_id GHSA-882p-jqgm-f45g
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-882p-jqgm-f45g
18
reference_url https://access.redhat.com/errata/RHSA-2020:1190
reference_id RHSA-2020:1190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1190
fixed_packages
aliases CVE-2017-18258, GHSA-882p-jqgm-f45g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j98t-paam-97ec
32
url VCID-kg69-mhxs-tkcx
vulnerability_id VCID-kg69-mhxs-tkcx
summary 
Out-of-bounds Read
The xmlDictAddString function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1839.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1839.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1839
reference_id
reference_type
scores
0
value 0.04546
scoring_system epss
scoring_elements 0.89369
published_at 2026-06-04T12:55:00Z
1
value 0.04546
scoring_system epss
scoring_elements 0.89388
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1839
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1338703
reference_id 1338703
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1338703
20
reference_url https://code.google.com/p/google-security-research/issues/detail?id=637
reference_id CVE-2016-1839
reference_type exploit
scores
url https://code.google.com/p/google-security-research/issues/detail?id=637
21
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39491.txt
reference_id CVE-2016-1839
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39491.txt
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1839
reference_id CVE-2016-1839
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-1839
23
reference_url https://access.redhat.com/errata/RHSA-2016:1292
reference_id RHSA-2016:1292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1292
24
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
25
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-1839
risk_score null
exploitability 2.0
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kg69-mhxs-tkcx
33
url VCID-m8d1-5qex-huf8
vulnerability_id VCID-m8d1-5qex-huf8
summary arbitrary code execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5131.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5131.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5131
reference_id
reference_type
scores
0
value 0.0369
scoring_system epss
scoring_elements 0.88165
published_at 2026-06-05T12:55:00Z
1
value 0.0369
scoring_system epss
scoring_elements 0.88144
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5131
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1704
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1704
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1705
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1706
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1706
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1707
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1707
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1708
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1708
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1709
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1709
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1710
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1711
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1711
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5127
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5127
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5128
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5128
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5129
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5129
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5130
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5130
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5132
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5132
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5133
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5133
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5134
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5134
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5135
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5135
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5136
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5136
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5137
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5137
22
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
23
reference_url http://www.securitytracker.com/id/1036428
reference_id 1036428
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url http://www.securitytracker.com/id/1036428
24
reference_url http://www.securitytracker.com/id/1038623
reference_id 1038623
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url http://www.securitytracker.com/id/1038623
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1358641
reference_id 1358641
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1358641
26
reference_url https://source.android.com/security/bulletin/2017-05-01
reference_id 2017-05-01
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url https://source.android.com/security/bulletin/2017-05-01
27
reference_url https://codereview.chromium.org/2127493002
reference_id 2127493002
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url https://codereview.chromium.org/2127493002
28
reference_url https://crbug.com/623378
reference_id 623378
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url https://crbug.com/623378
29
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840554
reference_id 840554
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840554
30
reference_url http://www.securityfocus.com/bid/92053
reference_id 92053
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url http://www.securityfocus.com/bid/92053
31
reference_url https://security.archlinux.org/ASA-201611-2
reference_id ASA-201611-2
reference_type
scores
url https://security.archlinux.org/ASA-201611-2
32
reference_url https://security.archlinux.org/AVG-56
reference_id AVG-56
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-56
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5131
reference_id CVE-2016-5131
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-5131
34
reference_url http://www.debian.org/security/2016/dsa-3637
reference_id dsa-3637
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url http://www.debian.org/security/2016/dsa-3637
35
reference_url https://security.gentoo.org/glsa/201610-09
reference_id GLSA-201610-09
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url https://security.gentoo.org/glsa/201610-09
36
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html
reference_id msg00020.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html
37
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html
reference_id msg00021.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html
38
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html
reference_id msg00022.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html
39
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html
reference_id msg00028.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html
40
reference_url https://access.redhat.com/errata/RHSA-2016:1485
reference_id RHSA-2016:1485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1485
41
reference_url http://rhn.redhat.com/errata/RHSA-2016-1485.html
reference_id RHSA-2016-1485.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url http://rhn.redhat.com/errata/RHSA-2016-1485.html
42
reference_url https://access.redhat.com/errata/RHSA-2020:1190
reference_id RHSA-2020:1190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1190
43
reference_url http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html
reference_id stable-channel-update.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html
44
reference_url https://usn.ubuntu.com/3041-1/
reference_id USN-3041-1
reference_type
scores
url https://usn.ubuntu.com/3041-1/
45
reference_url http://www.ubuntu.com/usn/USN-3041-1
reference_id USN-3041-1
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/
url http://www.ubuntu.com/usn/USN-3041-1
46
reference_url https://usn.ubuntu.com/3235-1/
reference_id USN-3235-1
reference_type
scores
url https://usn.ubuntu.com/3235-1/
fixed_packages
aliases CVE-2016-5131
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m8d1-5qex-huf8
34
url VCID-m91c-mfu9-bbbh
vulnerability_id VCID-m91c-mfu9-bbbh
summary 
Loop with Unreachable Exit Condition ('Infinite Loop')
parser.c in libxml2 does not prevent infinite recursion in parameter entities.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16932.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16932.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-16932
reference_id
reference_type
scores
0
value 0.21755
scoring_system epss
scoring_elements 0.95853
published_at 2026-06-05T12:55:00Z
1
value 0.21755
scoring_system epss
scoring_elements 0.95849
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-16932
2
reference_url https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/
url https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html
3
reference_url https://bugzilla.gnome.org/show_bug.cgi?id=759579
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/
url https://bugzilla.gnome.org/show_bug.cgi?id=759579
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/
url https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961
7
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-16932.yml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-16932.yml
8
reference_url https://github.com/sparklemotion/nokogiri/issues/1714
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/1714
9
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
11
reference_url https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/
url https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html
12
reference_url https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/
url https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html
13
reference_url https://usn.ubuntu.com/3739-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3739-1
14
reference_url https://usn.ubuntu.com/3739-1/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/
url https://usn.ubuntu.com/3739-1/
15
reference_url https://usn.ubuntu.com/usn/usn-3504-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/usn/usn-3504-1/
16
reference_url http://xmlsoft.org/news.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/
url http://xmlsoft.org/news.html
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1517316
reference_id 1517316
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1517316
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882613
reference_id 882613
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882613
19
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961
reference_id 899a5d9f0ed13b8e32449a08a361e0de127dd961
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/
url https://gitlab.gnome.org/GNOME/libxml2/-/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-16932
reference_id CVE-2017-16932
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-16932
21
reference_url https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html
reference_id CVE-2017-16932.HTML
reference_type
scores
url https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html
22
reference_url https://github.com/advisories/GHSA-x2fm-93ww-ggvx
reference_id GHSA-x2fm-93ww-ggvx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x2fm-93ww-ggvx
23
reference_url https://usn.ubuntu.com/3504-1/
reference_id USN-3504-1
reference_type
scores
url https://usn.ubuntu.com/3504-1/
24
reference_url https://usn.ubuntu.com/3504-2/
reference_id USN-3504-2
reference_type
scores
url https://usn.ubuntu.com/3504-2/
fixed_packages
aliases CVE-2017-16932, GHSA-x2fm-93ww-ggvx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m91c-mfu9-bbbh
35
url VCID-ncxg-w6wk-bkb4
vulnerability_id VCID-ncxg-w6wk-bkb4
summary 
Out-of-bounds Read
libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted XML document. NOTE: this vulnerability exists because of a missing fix for CVE-2016-4483.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2486
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2486
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9598.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9598.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9598
reference_id
reference_type
scores
0
value 0.00673
scoring_system epss
scoring_elements 0.71813
published_at 2026-06-04T12:55:00Z
1
value 0.00673
scoring_system epss
scoring_elements 0.71852
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9598
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1408306
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1408306
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9598
reference_id CVE-2016-9598
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-9598
fixed_packages
aliases CVE-2016-9598
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ncxg-w6wk-bkb4
36
url VCID-pgfh-4snq-pbe6
vulnerability_id VCID-pgfh-4snq-pbe6
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8242.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8242.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8242
reference_id
reference_type
scores
0
value 0.00972
scoring_system epss
scoring_elements 0.76986
published_at 2026-06-04T12:55:00Z
1
value 0.00972
scoring_system epss
scoring_elements 0.77019
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8242
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1281950
reference_id 1281950
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1281950
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805146
reference_id 805146
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805146
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8242
reference_id CVE-2015-8242
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2015-8242
7
reference_url https://access.redhat.com/errata/RHSA-2015:2549
reference_id RHSA-2015:2549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2549
8
reference_url https://access.redhat.com/errata/RHSA-2015:2550
reference_id RHSA-2015:2550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2550
9
reference_url https://access.redhat.com/errata/RHSA-2016:1089
reference_id RHSA-2016:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1089
10
reference_url https://usn.ubuntu.com/2834-1/
reference_id USN-2834-1
reference_type
scores
url https://usn.ubuntu.com/2834-1/
fixed_packages
aliases CVE-2015-8242
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pgfh-4snq-pbe6
37
url VCID-q1rm-fyhj-kbfu
vulnerability_id VCID-q1rm-fyhj-kbfu
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1840.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1840.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1840
reference_id
reference_type
scores
0
value 0.01589
scoring_system epss
scoring_elements 0.81964
published_at 2026-06-04T12:55:00Z
1
value 0.01589
scoring_system epss
scoring_elements 0.81998
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1840
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1338706
reference_id 1338706
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1338706
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1840
reference_id CVE-2016-1840
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-1840
20
reference_url https://access.redhat.com/errata/RHSA-2016:1292
reference_id RHSA-2016:1292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1292
21
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
22
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-1840
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q1rm-fyhj-kbfu
38
url VCID-q736-5feg-q3h2
vulnerability_id VCID-q736-5feg-q3h2
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
The xmlParseElementDecl function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4447.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4447.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4447
reference_id
reference_type
scores
0
value 0.02658
scoring_system epss
scoring_elements 0.86061
published_at 2026-06-04T12:55:00Z
1
value 0.02658
scoring_system epss
scoring_elements 0.86082
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4447
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1338686
reference_id 1338686
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1338686
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4447
reference_id CVE-2016-4447
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-4447
21
reference_url https://access.redhat.com/errata/RHSA-2016:1292
reference_id RHSA-2016:1292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1292
22
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
23
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-4447
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q736-5feg-q3h2
39
url VCID-qa31-1xtw-ybdg
vulnerability_id VCID-qa31-1xtw-ybdg
summary An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40303.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40303.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40303
reference_id
reference_type
scores
0
value 0.0023
scoring_system epss
scoring_elements 0.45889
published_at 2026-06-04T12:55:00Z
1
value 0.0023
scoring_system epss
scoring_elements 0.45957
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40303
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0
6
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
7
reference_url https://nokogiri.org/CHANGELOG.html#1139-2022-10-18
reference_id
reference_type
scores
url https://nokogiri.org/CHANGELOG.html#1139-2022-10-18
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022224
reference_id 1022224
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022224
9
reference_url http://seclists.org/fulldisclosure/2022/Dec/21
reference_id 21
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url http://seclists.org/fulldisclosure/2022/Dec/21
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136266
reference_id 2136266
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136266
11
reference_url http://seclists.org/fulldisclosure/2022/Dec/24
reference_id 24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url http://seclists.org/fulldisclosure/2022/Dec/24
12
reference_url http://seclists.org/fulldisclosure/2022/Dec/25
reference_id 25
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url http://seclists.org/fulldisclosure/2022/Dec/25
13
reference_url http://seclists.org/fulldisclosure/2022/Dec/26
reference_id 26
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url http://seclists.org/fulldisclosure/2022/Dec/26
14
reference_url http://seclists.org/fulldisclosure/2022/Dec/27
reference_id 27
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url http://seclists.org/fulldisclosure/2022/Dec/27
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-40303
reference_id CVE-2022-40303
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-40303
16
reference_url https://security.gentoo.org/glsa/202210-39
reference_id GLSA-202210-39
reference_type
scores
url https://security.gentoo.org/glsa/202210-39
17
reference_url https://support.apple.com/kb/HT213531
reference_id HT213531
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url https://support.apple.com/kb/HT213531
18
reference_url https://support.apple.com/kb/HT213533
reference_id HT213533
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url https://support.apple.com/kb/HT213533
19
reference_url https://support.apple.com/kb/HT213534
reference_id HT213534
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url https://support.apple.com/kb/HT213534
20
reference_url https://support.apple.com/kb/HT213535
reference_id HT213535
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url https://support.apple.com/kb/HT213535
21
reference_url https://support.apple.com/kb/HT213536
reference_id HT213536
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url https://support.apple.com/kb/HT213536
22
reference_url https://security.netapp.com/advisory/ntap-20221209-0003/
reference_id ntap-20221209-0003
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/
url https://security.netapp.com/advisory/ntap-20221209-0003/
23
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
24
reference_url https://access.redhat.com/errata/RHSA-2023:0173
reference_id RHSA-2023:0173
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0173
25
reference_url https://access.redhat.com/errata/RHSA-2023:0338
reference_id RHSA-2023:0338
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0338
26
reference_url https://access.redhat.com/errata/RHSA-2024:0413
reference_id RHSA-2024:0413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0413
27
reference_url https://usn.ubuntu.com/5760-1/
reference_id USN-5760-1
reference_type
scores
url https://usn.ubuntu.com/5760-1/
28
reference_url https://usn.ubuntu.com/5760-2/
reference_id USN-5760-2
reference_type
scores
url https://usn.ubuntu.com/5760-2/
29
reference_url https://usn.ubuntu.com/7659-1/
reference_id USN-7659-1
reference_type
scores
url https://usn.ubuntu.com/7659-1/
fixed_packages
aliases CVE-2022-40303
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qa31-1xtw-ybdg
40
url VCID-u795-5dzy-gkbs
vulnerability_id VCID-u795-5dzy-gkbs
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8710.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8710.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8710
reference_id
reference_type
scores
0
value 0.04711
scoring_system epss
scoring_elements 0.89558
published_at 2026-06-04T12:55:00Z
1
value 0.04711
scoring_system epss
scoring_elements 0.89576
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8710
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
14
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1213957
reference_id 1213957
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1213957
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782985
reference_id 782985
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782985
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8710
reference_id CVE-2015-8710
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2015-8710
18
reference_url https://access.redhat.com/errata/RHSA-2015:2549
reference_id RHSA-2015:2549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2549
19
reference_url https://access.redhat.com/errata/RHSA-2015:2550
reference_id RHSA-2015:2550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2550
20
reference_url https://access.redhat.com/errata/RHSA-2016:1089
reference_id RHSA-2016:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1089
21
reference_url https://usn.ubuntu.com/2875-1/
reference_id USN-2875-1
reference_type
scores
url https://usn.ubuntu.com/2875-1/
fixed_packages
aliases CVE-2015-8710
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u795-5dzy-gkbs
41
url VCID-ueh5-fv4d-a7a8
vulnerability_id VCID-ueh5-fv4d-a7a8
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15412.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15412.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15412
reference_id
reference_type
scores
0
value 0.02535
scoring_system epss
scoring_elements 0.85726
published_at 2026-06-04T12:55:00Z
1
value 0.02535
scoring_system epss
scoring_elements 0.85748
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15412
2
reference_url https://bugzilla.gnome.org/show_bug.cgi?id=783160
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.gnome.org/show_bug.cgi?id=783160
3
reference_url https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html
4
reference_url https://crbug.com/727039
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://crbug.com/727039
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-15412.yml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-15412.yml
8
reference_url https://github.com/sparklemotion/nokogiri/issues/1714
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/1714
9
reference_url https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html
10
reference_url https://security.gentoo.org/glsa/201801-03
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201801-03
11
reference_url https://web.archive.org/web/20201208155618/http://www.securitytracker.com/id/1040348
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201208155618/http://www.securitytracker.com/id/1040348
12
reference_url https://www.debian.org/security/2018/dsa-4086
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4086
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1523128
reference_id 1523128
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1523128
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883790
reference_id 883790
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883790
15
reference_url https://security.archlinux.org/ASA-201712-5
reference_id ASA-201712-5
reference_type
scores
url https://security.archlinux.org/ASA-201712-5
16
reference_url https://security.archlinux.org/AVG-544
reference_id AVG-544
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-544
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-15412
reference_id CVE-2017-15412
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-15412
18
reference_url https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html
reference_id CVE-2017-15412.HTML
reference_type
scores
url https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html
19
reference_url https://access.redhat.com/errata/RHSA-2017:3401
reference_id RHSA-2017:3401
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3401
20
reference_url https://access.redhat.com/errata/RHSA-2018:0287
reference_id RHSA-2018:0287
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0287
21
reference_url https://access.redhat.com/errata/RHSA-2020:1190
reference_id RHSA-2020:1190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1190
22
reference_url https://usn.ubuntu.com/3513-1/
reference_id USN-3513-1
reference_type
scores
url https://usn.ubuntu.com/3513-1/
23
reference_url https://usn.ubuntu.com/3513-2/
reference_id USN-3513-2
reference_type
scores
url https://usn.ubuntu.com/3513-2/
fixed_packages
aliases CVE-2017-15412, GHSA-r58r-74gx-6wx3
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ueh5-fv4d-a7a8
42
url VCID-w156-x6fs-7baj
vulnerability_id VCID-w156-x6fs-7baj
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
The xmlParseXMLDecl function in parser.c in libxml2 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8317.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8317.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8317
reference_id
reference_type
scores
0
value 0.00486
scoring_system epss
scoring_elements 0.65725
published_at 2026-06-04T12:55:00Z
1
value 0.00486
scoring_system epss
scoring_elements 0.65778
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8317
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
14
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1281930
reference_id 1281930
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1281930
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8317
reference_id CVE-2015-8317
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2015-8317
17
reference_url https://access.redhat.com/errata/RHSA-2015:2549
reference_id RHSA-2015:2549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2549
18
reference_url https://access.redhat.com/errata/RHSA-2015:2550
reference_id RHSA-2015:2550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2550
19
reference_url https://access.redhat.com/errata/RHSA-2016:1089
reference_id RHSA-2016:1089
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1089
20
reference_url https://usn.ubuntu.com/2834-1/
reference_id USN-2834-1
reference_type
scores
url https://usn.ubuntu.com/2834-1/
fixed_packages
aliases CVE-2015-8317
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w156-x6fs-7baj
43
url VCID-y6zn-hwwh-23hp
vulnerability_id VCID-y6zn-hwwh-23hp
summary 
Out-of-bounds Read
The xmlPArserPrintFileContextInternal function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1838.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1838.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1838
reference_id
reference_type
scores
0
value 0.03485
scoring_system epss
scoring_elements 0.87792
published_at 2026-06-04T12:55:00Z
1
value 0.03485
scoring_system epss
scoring_elements 0.87814
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1838
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1338705
reference_id 1338705
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1338705
19
reference_url https://code.google.com/p/google-security-research/issues/detail?id=639
reference_id CVE-2016-1838
reference_type exploit
scores
url https://code.google.com/p/google-security-research/issues/detail?id=639
20
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39493.txt
reference_id CVE-2016-1838
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39493.txt
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1838
reference_id CVE-2016-1838
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-1838
22
reference_url https://access.redhat.com/errata/RHSA-2016:1292
reference_id RHSA-2016:1292
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1292
23
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
24
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-1838
risk_score null
exploitability 2.0
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y6zn-hwwh-23hp
44
url VCID-y76b-6hzr-uqgb
vulnerability_id VCID-y76b-6hzr-uqgb
summary 
Deserialization of Untrusted Data
The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4483.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4483.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4483
reference_id
reference_type
scores
0
value 0.0127
scoring_system epss
scoring_elements 0.79831
published_at 2026-06-04T12:55:00Z
1
value 0.0127
scoring_system epss
scoring_elements 0.79856
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4483
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
18
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1332820
reference_id 1332820
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1332820
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823405
reference_id 823405
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823405
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4483
reference_id CVE-2016-4483
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-4483
22
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
23
reference_url https://usn.ubuntu.com/2994-1/
reference_id USN-2994-1
reference_type
scores
url https://usn.ubuntu.com/2994-1/
fixed_packages
aliases CVE-2016-4483
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y76b-6hzr-uqgb
45
url VCID-yjn6-17qx-9ubc
vulnerability_id VCID-yjn6-17qx-9ubc
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3518.json
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3518.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3518
reference_id
reference_type
scores
0
value 0.0025
scoring_system epss
scoring_elements 0.48575
published_at 2026-06-04T12:55:00Z
1
value 0.0025
scoring_system epss
scoring_elements 0.48638
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3518
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1954242
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1954242
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518
4
reference_url http://seclists.org/fulldisclosure/2021/Jul/54
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2021/Jul/54
5
reference_url http://seclists.org/fulldisclosure/2021/Jul/55
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2021/Jul/55
6
reference_url http://seclists.org/fulldisclosure/2021/Jul/58
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2021/Jul/58
7
reference_url http://seclists.org/fulldisclosure/2021/Jul/59
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2021/Jul/59
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3518.yml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3518.yml
10
reference_url https://github.com/sparklemotion/nokogiri
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri
11
reference_url https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722
12
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
14
reference_url https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/
19
reference_url https://nokogiri.org/CHANGELOG.html#1114-2021-05-14
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nokogiri.org/CHANGELOG.html#1114-2021-05-14
20
reference_url https://security.gentoo.org/glsa/202107-05
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/202107-05
21
reference_url https://security.netapp.com/advisory/ntap-20210625-0002
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210625-0002
22
reference_url https://security.netapp.com/advisory/ntap-20210625-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210625-0002/
23
reference_url https://support.apple.com/kb/HT212601
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT212601
24
reference_url https://support.apple.com/kb/HT212602
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT212602
25
reference_url https://support.apple.com/kb/HT212604
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT212604
26
reference_url https://support.apple.com/kb/HT212605
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT212605
27
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
28
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
29
reference_url https://www.oracle.com/security-alerts/cpuoct2021.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2021.html
30
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987737
reference_id 987737
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987737
31
reference_url https://security.archlinux.org/AVG-1883
reference_id AVG-1883
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1883
32
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3518
reference_id CVE-2021-3518
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3518
33
reference_url https://github.com/advisories/GHSA-v4f8-2847-rwm7
reference_id GHSA-v4f8-2847-rwm7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v4f8-2847-rwm7
34
reference_url https://access.redhat.com/errata/RHSA-2021:2569
reference_id RHSA-2021:2569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2569
35
reference_url https://access.redhat.com/errata/RHSA-2022:1389
reference_id RHSA-2022:1389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1389
36
reference_url https://access.redhat.com/errata/RHSA-2022:1390
reference_id RHSA-2022:1390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1390
37
reference_url https://usn.ubuntu.com/4991-1/
reference_id USN-4991-1
reference_type
scores
url https://usn.ubuntu.com/4991-1/
fixed_packages
aliases CVE-2021-3518, GHSA-v4f8-2847-rwm7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjn6-17qx-9ubc
46
url VCID-zezc-xfmm-cqcg
vulnerability_id VCID-zezc-xfmm-cqcg
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
parser.c in libxml2 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16931.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16931.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-16931
reference_id
reference_type
scores
0
value 0.01443
scoring_system epss
scoring_elements 0.81079
published_at 2026-06-04T12:55:00Z
1
value 0.01443
scoring_system epss
scoring_elements 0.81107
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-16931
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1517307
reference_id 1517307
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1517307
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-16931
reference_id CVE-2017-16931
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-16931
fixed_packages
aliases CVE-2017-16931
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zezc-xfmm-cqcg
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.7.8.5