Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/libxml2@2.9.3

Type nuget

Namespace

Name libxml2

Version 2.9.3

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-4gyr-nwyy-qfeq

vulnerability_id

VCID-4gyr-nwyy-qfeq

summary

Improper Restriction of Operations within the Bounds of a Memory Buffer
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9597.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9597.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9597

reference_id

reference_type

scores

value	0.01148
scoring_system	epss
scoring_elements	0.78529
published_at	2026-04-24T12:55:00Z

value	0.01148
scoring_system	epss
scoring_elements	0.78496
published_at	2026-04-21T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.7932
published_at	2026-04-04T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79306
published_at	2026-04-07T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79331
published_at	2026-04-08T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79341
published_at	2026-04-09T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79289
published_at	2026-04-01T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79349
published_at	2026-04-12T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79339
published_at	2026-04-13T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79366
published_at	2026-04-16T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79361
published_at	2026-04-18T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79365
published_at	2026-04-11T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79296
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9597

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9597
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9597

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.securityfocus.com/bid/98567
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/98567

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1408305
reference_id	1408305
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1408305

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2016-9597
reference_id	CVE-2016-9597
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2016-9597

fixed_packages

aliases

CVE-2016-9597

risk_score

1.1

exploitability

0.5

weighted_severity

2.1

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-4gyr-nwyy-qfeq

url

VCID-bp8r-8jjt-hygw

vulnerability_id

VCID-bp8r-8jjt-hygw

summary

Improper Input Validation
The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.

references

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2957.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2957.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3705.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3705.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3705

reference_id

reference_type

scores

value	0.01034
scoring_system	epss
scoring_elements	0.77427
published_at	2026-04-24T12:55:00Z

value	0.01034
scoring_system	epss
scoring_elements	0.77393
published_at	2026-04-21T12:55:00Z

value	0.01034
scoring_system	epss
scoring_elements	0.77304
published_at	2026-04-01T12:55:00Z

value	0.01034
scoring_system	epss
scoring_elements	0.77311
published_at	2026-04-02T12:55:00Z

value	0.01034
scoring_system	epss
scoring_elements	0.77339
published_at	2026-04-04T12:55:00Z

value	0.01034
scoring_system	epss
scoring_elements	0.7732
published_at	2026-04-07T12:55:00Z

value	0.01034
scoring_system	epss
scoring_elements	0.7735
published_at	2026-04-08T12:55:00Z

value	0.01034
scoring_system	epss
scoring_elements	0.77359
published_at	2026-04-09T12:55:00Z

value	0.01034
scoring_system	epss
scoring_elements	0.77386
published_at	2026-04-11T12:55:00Z

value	0.01034
scoring_system	epss
scoring_elements	0.77365
published_at	2026-04-12T12:55:00Z

value	0.01034
scoring_system	epss
scoring_elements	0.77362
published_at	2026-04-13T12:55:00Z

value	0.01034
scoring_system	epss
scoring_elements	0.77402
published_at	2026-04-16T12:55:00Z

value	0.01034
scoring_system	epss
scoring_elements	0.77401
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3705

reference_url	https://bugzilla.gnome.org/show_bug.cgi?id=765207
reference_id
reference_type
scores
url	https://bugzilla.gnome.org/show_bug.cgi?id=765207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483

reference_url	http://seclists.org/fulldisclosure/2016/May/10
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2016/May/10

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239

reference_url	https://kc.mcafee.com/corporate/index?page=content&id=SB10170
reference_id
reference_type
scores
url	https://kc.mcafee.com/corporate/index?page=content&id=SB10170

reference_url	https://www.debian.org/security/2016/dsa-3593
reference_id
reference_type
scores
url	https://www.debian.org/security/2016/dsa-3593

reference_url	https://www.tenable.com/security/tns-2016-18
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2016-18

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/89854
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/89854

reference_url	http://www.ubuntu.com/usn/USN-2994-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2994-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1332443
reference_id	1332443
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1332443

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823414
reference_id	823414
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823414

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*
reference_id	cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:::::::*
reference_id	cpe:2.3:a:hp:icewall_file_manager:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.3:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxml2:2.9.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-3705

reference_id

CVE-2016-3705

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-3705

reference_url	https://security.gentoo.org/glsa/201701-37
reference_id	GLSA-201701-37
reference_type
scores
url	https://security.gentoo.org/glsa/201701-37

reference_url	https://access.redhat.com/errata/RHSA-2016:1292
reference_id	RHSA-2016:1292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1292

reference_url	https://access.redhat.com/errata/RHSA-2016:2957
reference_id	RHSA-2016:2957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2957

reference_url	https://usn.ubuntu.com/2994-1/
reference_id	USN-2994-1
reference_type
scores
url	https://usn.ubuntu.com/2994-1/

fixed_packages

aliases

CVE-2016-3705

risk_score

3.4

exploitability

0.5

weighted_severity

6.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-bp8r-8jjt-hygw

url

VCID-netm-9gxh-3yh4

vulnerability_id

VCID-netm-9gxh-3yh4

summary

Use of Externally-Controlled Format String
Format string vulnerability in libxml2 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

references

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2957.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2957.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4448.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4448.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4448

reference_id

reference_type

scores

value	0.01204
scoring_system	epss
scoring_elements	0.78995
published_at	2026-04-24T12:55:00Z

value	0.01204
scoring_system	epss
scoring_elements	0.78968
published_at	2026-04-16T12:55:00Z

value	0.01204
scoring_system	epss
scoring_elements	0.78964
published_at	2026-04-21T12:55:00Z

value	0.01204
scoring_system	epss
scoring_elements	0.78892
published_at	2026-04-01T12:55:00Z

value	0.01204
scoring_system	epss
scoring_elements	0.78898
published_at	2026-04-02T12:55:00Z

value	0.01204
scoring_system	epss
scoring_elements	0.78928
published_at	2026-04-04T12:55:00Z

value	0.01204
scoring_system	epss
scoring_elements	0.7891
published_at	2026-04-07T12:55:00Z

value	0.01204
scoring_system	epss
scoring_elements	0.78935
published_at	2026-04-08T12:55:00Z

value	0.01204
scoring_system	epss
scoring_elements	0.78941
published_at	2026-04-09T12:55:00Z

value	0.01204
scoring_system	epss
scoring_elements	0.78965
published_at	2026-04-18T12:55:00Z

value	0.01204
scoring_system	epss
scoring_elements	0.78949
published_at	2026-04-12T12:55:00Z

value	0.01204
scoring_system	epss
scoring_elements	0.78939
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4448

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9
reference_id
reference_type
scores
url	https://git.gnome.org/browse/libxml2/commit/?id=4472c3a5a5b516aaf59b89be602fbce52756c3e9

reference_url	https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b
reference_id
reference_type
scores
url	https://git.gnome.org/browse/libxml2/commit/?id=502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709

reference_url	https://kc.mcafee.com/corporate/index?page=content&id=SB10170
reference_id
reference_type
scores
url	https://kc.mcafee.com/corporate/index?page=content&id=SB10170

reference_url	https://support.apple.com/HT206899
reference_id
reference_type
scores
url	https://support.apple.com/HT206899

reference_url	https://support.apple.com/HT206901
reference_id
reference_type
scores
url	https://support.apple.com/HT206901

reference_url	https://support.apple.com/HT206902
reference_id
reference_type
scores
url	https://support.apple.com/HT206902

reference_url	https://support.apple.com/HT206903
reference_id
reference_type
scores
url	https://support.apple.com/HT206903

reference_url	https://support.apple.com/HT206904
reference_id
reference_type
scores
url	https://support.apple.com/HT206904

reference_url	https://support.apple.com/HT206905
reference_id
reference_type
scores
url	https://support.apple.com/HT206905

reference_url	https://www.tenable.com/security/tns-2016-18
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2016-18

reference_url	http://www.openwall.com/lists/oss-security/2016/05/25/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/05/25/2

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/90856
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90856

reference_url	http://www.securitytracker.com/id/1036348
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036348

reference_url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722
reference_id
reference_type
scores
url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722

reference_url	http://xmlsoft.org/news.html
reference_id
reference_type
scores
url	http://xmlsoft.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1338700
reference_id	1338700
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1338700

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829718
reference_id	829718
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829718

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud::::::::
reference_id	cpe:2.3:a:apple:icloud::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes::::::::
reference_id	cpe:2.3:a:apple:itunes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*
reference_id	cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway::::::::
reference_id	cpe:2.3:a:mcafee:web_gateway::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:log_correlation_engine:4.8.0:::::::*
reference_id	cpe:2.3:a:tenable:log_correlation_engine:4.8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tenable:log_correlation_engine:4.8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2::::::::
reference_id	cpe:2.3:a:xmlsoft:libxml2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
reference_id	cpe:2.3:o:apple:iphone_os::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
reference_id	cpe:2.3:o:apple:tvos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
reference_id	cpe:2.3:o:apple:watchos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::
reference_id	cpe:2.3:o:microsoft:windows::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:::::::*
reference_id	cpe:2.3:o:microsoft:windows:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*
reference_id	cpe:2.3:o:oracle:linux:6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:0::::::
reference_id	cpe:2.3:o:oracle:linux:7:0::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:0::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.3:::::::*
reference_id	cpe:2.3:o:oracle:vm_server:3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.4:::::::*
reference_id	cpe:2.3:o:oracle:vm_server:3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:14.0:::::::*
reference_id	cpe:2.3:o:slackware:slackware_linux:14.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:14.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:14.1:::::::*
reference_id	cpe:2.3:o:slackware:slackware_linux:14.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:14.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4448

reference_id

CVE-2016-4448

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4448

reference_url	https://access.redhat.com/errata/RHSA-2016:1292
reference_id	RHSA-2016:1292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1292

reference_url	https://access.redhat.com/errata/RHSA-2016:2957
reference_id	RHSA-2016:2957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2957

reference_url	https://usn.ubuntu.com/3235-1/
reference_id	USN-3235-1
reference_type
scores
url	https://usn.ubuntu.com/3235-1/

fixed_packages

aliases

CVE-2016-4448

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-netm-9gxh-3yh4

url

VCID-t9pa-yw9s-kqb9

vulnerability_id

VCID-t9pa-yw9s-kqb9

summary

Improper Input Validation
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.

references

reference_url	http://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000066.html
reference_id
reference_type
scores
url	http://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000066.html

reference_url	http://jvn.jp/en/jp/JVN17535578/index.html
reference_id
reference_type
scores
url	http://jvn.jp/en/jp/JVN17535578/index.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2957.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2957.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4449.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4449.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4449

reference_id

reference_type

scores

value	0.00121
scoring_system	epss
scoring_elements	0.30859
published_at	2026-04-24T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31047
published_at	2026-04-18T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31015
published_at	2026-04-21T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31041
published_at	2026-04-01T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31166
published_at	2026-04-02T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31212
published_at	2026-04-04T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31032
published_at	2026-04-07T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31088
published_at	2026-04-08T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31117
published_at	2026-04-09T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31123
published_at	2026-04-11T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.3108
published_at	2026-04-12T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31035
published_at	2026-04-13T12:55:00Z

value	0.00121
scoring_system	epss
scoring_elements	0.31066
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4449

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5
reference_id
reference_type
scores
url	https://git.gnome.org/browse/libxml2/commit/?id=b1d34de46a11323fccffa9fadeb33be670d602f5

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709

reference_url	https://kc.mcafee.com/corporate/index?page=content&id=SB10170
reference_id
reference_type
scores
url	https://kc.mcafee.com/corporate/index?page=content&id=SB10170

reference_url	https://support.apple.com/HT206899
reference_id
reference_type
scores
url	https://support.apple.com/HT206899

reference_url	https://support.apple.com/HT206901
reference_id
reference_type
scores
url	https://support.apple.com/HT206901

reference_url	https://support.apple.com/HT206902
reference_id
reference_type
scores
url	https://support.apple.com/HT206902

reference_url	https://support.apple.com/HT206903
reference_id
reference_type
scores
url	https://support.apple.com/HT206903

reference_url	https://support.apple.com/HT206904
reference_id
reference_type
scores
url	https://support.apple.com/HT206904

reference_url	https://support.apple.com/HT206905
reference_id
reference_type
scores
url	https://support.apple.com/HT206905

reference_url	https://support.cybozu.com/ja-jp/article/9735
reference_id
reference_type
scores
url	https://support.cybozu.com/ja-jp/article/9735

reference_url	https://www.debian.org/security/2016/dsa-3593
reference_id
reference_type
scores
url	https://www.debian.org/security/2016/dsa-3593

reference_url	https://www.tenable.com/security/tns-2016-18
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2016-18

reference_url	http://www.openwall.com/lists/oss-security/2016/05/25/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/05/25/2

reference_url	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/90865
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90865

reference_url	http://www.securitytracker.com/id/1036348
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036348

reference_url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722
reference_id
reference_type
scores
url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722

reference_url	http://www.ubuntu.com/usn/USN-2994-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2994-1

reference_url	http://xmlsoft.org/news.html
reference_id
reference_type
scores
url	http://xmlsoft.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1338701
reference_id	1338701
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1338701

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2::::::::
reference_id	cpe:2.3:a:xmlsoft:libxml2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4449

reference_id

CVE-2016-4449

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:P

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4449

reference_url	https://access.redhat.com/errata/RHSA-2016:1292
reference_id	RHSA-2016:1292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1292

reference_url	https://access.redhat.com/errata/RHSA-2016:2957
reference_id	RHSA-2016:2957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2957

reference_url	https://usn.ubuntu.com/2994-1/
reference_id	USN-2994-1
reference_type
scores
url	https://usn.ubuntu.com/2994-1/

fixed_packages

aliases

CVE-2016-4449

risk_score

3.2

exploitability

0.5

weighted_severity

6.4

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-t9pa-yw9s-kqb9

url

VCID-tazr-2qgq-77fy

vulnerability_id

VCID-tazr-2qgq-77fy

summary

Improper Restriction of Operations within the Bounds of a Memory Buffer
The xmlParseElementDecl function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.

references

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2957.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2957.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4447.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4447.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4447

reference_id

reference_type

scores

value	0.02064
scoring_system	epss
scoring_elements	0.83977
published_at	2026-04-24T12:55:00Z

value	0.02064
scoring_system	epss
scoring_elements	0.83949
published_at	2026-04-18T12:55:00Z

value	0.02064
scoring_system	epss
scoring_elements	0.83951
published_at	2026-04-21T12:55:00Z

value	0.02064
scoring_system	epss
scoring_elements	0.83856
published_at	2026-04-01T12:55:00Z

value	0.02064
scoring_system	epss
scoring_elements	0.8387
published_at	2026-04-02T12:55:00Z

value	0.02064
scoring_system	epss
scoring_elements	0.83886
published_at	2026-04-04T12:55:00Z

value	0.02064
scoring_system	epss
scoring_elements	0.83887
published_at	2026-04-07T12:55:00Z

value	0.02064
scoring_system	epss
scoring_elements	0.83911
published_at	2026-04-08T12:55:00Z

value	0.02064
scoring_system	epss
scoring_elements	0.83917
published_at	2026-04-09T12:55:00Z

value	0.02064
scoring_system	epss
scoring_elements	0.83934
published_at	2026-04-11T12:55:00Z

value	0.02064
scoring_system	epss
scoring_elements	0.83928
published_at	2026-04-12T12:55:00Z

value	0.02064
scoring_system	epss
scoring_elements	0.83924
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4447

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83
reference_id
reference_type
scores
url	https://git.gnome.org/browse/libxml2/commit/?id=00906759053986b8079985644172085f74331f83

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05194709

reference_url	https://kc.mcafee.com/corporate/index?page=content&id=SB10170
reference_id
reference_type
scores
url	https://kc.mcafee.com/corporate/index?page=content&id=SB10170

reference_url	https://support.apple.com/HT206899
reference_id
reference_type
scores
url	https://support.apple.com/HT206899

reference_url	https://support.apple.com/HT206901
reference_id
reference_type
scores
url	https://support.apple.com/HT206901

reference_url	https://support.apple.com/HT206902
reference_id
reference_type
scores
url	https://support.apple.com/HT206902

reference_url	https://support.apple.com/HT206903
reference_id
reference_type
scores
url	https://support.apple.com/HT206903

reference_url	https://support.apple.com/HT206904
reference_id
reference_type
scores
url	https://support.apple.com/HT206904

reference_url	https://support.apple.com/HT206905
reference_id
reference_type
scores
url	https://support.apple.com/HT206905

reference_url	https://www.debian.org/security/2016/dsa-3593
reference_id
reference_type
scores
url	https://www.debian.org/security/2016/dsa-3593

reference_url	https://www.tenable.com/security/tns-2016-18
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2016-18

reference_url	http://www.openwall.com/lists/oss-security/2016/05/25/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/05/25/2

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/90864
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/90864

reference_url	http://www.securitytracker.com/id/1036348
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036348

reference_url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722
reference_id
reference_type
scores
url	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.404722

reference_url	http://www.ubuntu.com/usn/USN-2994-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2994-1

reference_url	http://xmlsoft.org/news.html
reference_id
reference_type
scores
url	http://xmlsoft.org/news.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1338686
reference_id	1338686
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1338686

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes:12.4.1:::::::*
reference_id	cpe:2.3:a:apple:itunes:12.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes:12.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*
reference_id	cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway::::::::
reference_id	cpe:2.3:a:mcafee:web_gateway::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2::::::::
reference_id	cpe:2.3:a:xmlsoft:libxml2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
reference_id	cpe:2.3:o:apple:iphone_os::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
reference_id	cpe:2.3:o:apple:tvos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
reference_id	cpe:2.3:o:apple:watchos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::
reference_id	cpe:2.3:o:microsoft:windows::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.3:::::::*
reference_id	cpe:2.3:o:oracle:vm_server:3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.4:::::::*
reference_id	cpe:2.3:o:oracle:vm_server:3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.4:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-4447

reference_id

CVE-2016-4447

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-4447

reference_url	https://access.redhat.com/errata/RHSA-2016:1292
reference_id	RHSA-2016:1292
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1292

reference_url	https://access.redhat.com/errata/RHSA-2016:2957
reference_id	RHSA-2016:2957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2957

reference_url	https://usn.ubuntu.com/2994-1/
reference_id	USN-2994-1
reference_type
scores
url	https://usn.ubuntu.com/2994-1/

fixed_packages

aliases

CVE-2016-4447

risk_score

3.4

exploitability

0.5

weighted_severity

6.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-tazr-2qgq-77fy

url

VCID-wy5v-dsp3-a7aa

vulnerability_id

VCID-wy5v-dsp3-a7aa

summary

Improper Input Validation
The xmlStringGetNodeList function in tree.c in libxml2, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.

references

reference_url

http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html

reference_url

http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html

reference_url

http://rhn.redhat.com/errata/RHSA-2016-2957.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

http://rhn.redhat.com/errata/RHSA-2016-2957.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3627.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3627.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3627

reference_id

reference_type

scores

value	0.00163
scoring_system	epss
scoring_elements	0.37298
published_at	2026-04-12T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37021
published_at	2026-04-24T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.3727
published_at	2026-04-13T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37245
published_at	2026-04-21T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37331
published_at	2026-04-11T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.3732
published_at	2026-04-09T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37308
published_at	2026-04-08T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37257
published_at	2026-04-07T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37429
published_at	2026-04-04T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37405
published_at	2026-04-02T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37316
published_at	2026-04-16T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37239
published_at	2026-04-01T12:55:00Z

value	0.00163
scoring_system	epss
scoring_elements	0.37299
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3627

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483

reference_url

http://seclists.org/fulldisclosure/2016/May/10

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

http://seclists.org/fulldisclosure/2016/May/10

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239

reference_url

https://kc.mcafee.com/corporate/index?page=content&id=SB10170

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

https://kc.mcafee.com/corporate/index?page=content&id=SB10170

reference_url

https://www.debian.org/security/2016/dsa-3593

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

https://www.debian.org/security/2016/dsa-3593

reference_url

https://www.tenable.com/security/tns-2016-18

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

https://www.tenable.com/security/tns-2016-18

reference_url

http://www.openwall.com/lists/oss-security/2016/03/21/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

http://www.openwall.com/lists/oss-security/2016/03/21/2

reference_url

http://www.openwall.com/lists/oss-security/2016/03/21/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

http://www.openwall.com/lists/oss-security/2016/03/21/3

reference_url

http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html

reference_url

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_url

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url

http://www.securityfocus.com/bid/84992

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

http://www.securityfocus.com/bid/84992

reference_url

http://www.securitytracker.com/id/1035335

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

http://www.securitytracker.com/id/1035335

reference_url

http://www.ubuntu.com/usn/USN-2994-1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

http://www.ubuntu.com/usn/USN-2994-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1319829
reference_id	1319829
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1319829

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819006
reference_id	819006
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819006

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*
reference_id	cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:::::::*
reference_id	cpe:2.3:a:hp:icewall_file_manager:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.3::::::x86:
reference_id	cpe:2.3:a:oracle:vm_server:3.3::::::x86:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.3::::::x86:

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.4::::::x86:
reference_id	cpe:2.3:a:oracle:vm_server:3.4::::::x86:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.4::::::x86:

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:-:::::::*
reference_id	cpe:2.3:a:redhat:jboss_core_services:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2::::::::
reference_id	cpe:2.3:a:xmlsoft:libxml2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*
reference_id	cpe:2.3:o:oracle:solaris:11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-3627

reference_id

CVE-2016-3627

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-3627

reference_url

https://security.gentoo.org/glsa/201701-37

reference_id

GLSA-201701-37

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

https://security.gentoo.org/glsa/201701-37

reference_url

https://access.redhat.com/errata/RHSA-2016:1292

reference_id

RHSA-2016:1292

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/

url

https://access.redhat.com/errata/RHSA-2016:1292

reference_url	https://access.redhat.com/errata/RHSA-2016:2957
reference_id	RHSA-2016:2957
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2957

reference_url	https://usn.ubuntu.com/2994-1/
reference_id	USN-2994-1
reference_type
scores
url	https://usn.ubuntu.com/2994-1/

fixed_packages

aliases

CVE-2016-3627

risk_score

3.4

exploitability

0.5

weighted_severity

6.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-wy5v-dsp3-a7aa

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.9.3

Package Instance