Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/4592?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/4592?format=api", "purl": "pkg:deb/debian/libxml2@2.6.16-7sarge1", "type": "deb", "namespace": "debian", "name": "libxml2", "version": "2.6.16-7sarge1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.15.3+dfsg-1", "latest_non_vulnerable_version": "2.15.3+dfsg-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37945?format=api", "vulnerability_id": "VCID-1esy-azbk-rkgn", "summary": "Uncontrolled Resource Consumption\nThe xz_decomp function in xzlib.c in libxml2 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8035.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8035.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.774", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.77428", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.77437", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01006", "scoring_system": "epss", "scoring_elements": "0.77418", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", "reference_id": "1277146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1277146" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803942", "reference_id": "803942", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803942" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", "reference_id": "CVE-2015-8035", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1190", "reference_id": "RHSA-2020:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1190" }, { "reference_url": "https://usn.ubuntu.com/2812-1/", "reference_id": "USN-2812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8035" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1esy-azbk-rkgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37946?format=api", "vulnerability_id": "VCID-1f8c-m3q3-yyea", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nlibxml2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7941.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7941.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00434", "scoring_system": "epss", "scoring_elements": "0.63181", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00434", "scoring_system": "epss", "scoring_elements": "0.63225", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00434", "scoring_system": "epss", "scoring_elements": "0.63233", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00434", "scoring_system": "epss", "scoring_elements": "0.63223", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00434", "scoring_system": "epss", "scoring_elements": "0.63209", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274222", "reference_id": "1274222", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274222" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783010", "reference_id": "783010", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783010" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7941", "reference_id": "CVE-2015-7941", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2812-1/", "reference_id": "USN-2812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-7941" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1f8c-m3q3-yyea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38139?format=api", "vulnerability_id": "VCID-1nax-e3jj-ryef", "summary": "Use of Externally-Controlled Format String\nFormat string vulnerability in libxml2 allows attackers to have unspecified impact via format string specifiers in unknown vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4448.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4448.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4448", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01546", "scoring_system": "epss", "scoring_elements": "0.81723", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01546", "scoring_system": "epss", "scoring_elements": "0.81753", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01546", "scoring_system": "epss", "scoring_elements": "0.81754", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01546", "scoring_system": "epss", "scoring_elements": "0.81747", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338700", "reference_id": "1338700", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338700" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829718", "reference_id": "829718", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829718" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4448", "reference_id": "CVE-2016-4448", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/3235-1/", "reference_id": "USN-3235-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3235-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-4448" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1nax-e3jj-ryef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53460?format=api", "vulnerability_id": "VCID-1sh8-bsk3-auct", "summary": "libxml2 has a global Buffer Overflow vulnerability in `xmlEncodeEntitiesInternal` at `libxml2/entities.c`.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00036.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00036.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00061.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00061.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24977.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.72316", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.7233", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.72364", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.72345", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.72358", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-24977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24977" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/178" }, { "reference_url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NQ5GTDYOVH26PBCPYXXMGW5ZZXWMGZC/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NQ5GTDYOVH26PBCPYXXMGW5ZZXWMGZC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KTUAGDLEHTH6HU66HBFAFTSQ3OKRAN3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KTUAGDLEHTH6HU66HBFAFTSQ3OKRAN3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/674LQPJO2P2XTBTREFR5LOZMBTZ4PZAY/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/674LQPJO2P2XTBTREFR5LOZMBTZ4PZAY/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KQXOHIE3MNY3VQXEN7LDQUJNIHOVHAW/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KQXOHIE3MNY3VQXEN7LDQUJNIHOVHAW/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ENEHQIBMSI6TZVS35Y6I4FCTYUQDLJVP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ENEHQIBMSI6TZVS35Y6I4FCTYUQDLJVP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H3IQ7OQXBKWD3YP7HO6KCNOMLE5ZO2IR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H3IQ7OQXBKWD3YP7HO6KCNOMLE5ZO2IR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3ICASXZI2UQYFJAOQWHSTNWGED3VXOE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3ICASXZI2UQYFJAOQWHSTNWGED3VXOE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCHXIWR5DHYO3RSO7RAHEC6VJKXD2EH2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCHXIWR5DHYO3RSO7RAHEC6VJKXD2EH2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7MEWYKIKMV2SKMGH4IDWVU3ZGJXBCPQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7MEWYKIKMV2SKMGH4IDWVU3ZGJXBCPQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RIQAMBA2IJUTQG5VOP5LZVIZRNCKXHEQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RIQAMBA2IJUTQG5VOP5LZVIZRNCKXHEQ/" }, { "reference_url": "https://security.gentoo.org/glsa/202107-05", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202107-05" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200924-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20200924-0001/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1877788", "reference_id": "1877788", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1877788" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969529", "reference_id": "969529", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969529" }, { "reference_url": "https://security.archlinux.org/ASA-202011-15", "reference_id": "ASA-202011-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-15" }, { "reference_url": "https://security.archlinux.org/AVG-1263", "reference_id": "AVG-1263", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1263" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24977", "reference_id": "CVE-2020-24977", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1597", "reference_id": "RHSA-2021:1597", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1597" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2020-24977" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1sh8-bsk3-auct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38621?format=api", "vulnerability_id": "VCID-1vsu-txd5-qbf3", "summary": "Out-of-bounds Read\nlibxml2 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9049.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9049.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64318", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64349", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64363", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64371", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.6436", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452556", "reference_id": "1452556", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452556" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863019", "reference_id": "863019", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863019" }, { "reference_url": "http://www.securityfocus.com/bid/98601", "reference_id": "98601", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:20:28Z/" } ], "url": "http://www.securityfocus.com/bid/98601" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9049", "reference_id": "CVE-2017-9049", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9049" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:20:28Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:20:28Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-9049" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1vsu-txd5-qbf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39424?format=api", "vulnerability_id": "VCID-1zr7-kx71-tkcr", "summary": "Improper Restriction of XML External Entity Reference\nA flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7375.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7375.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63656", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63626", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63668", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63676", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1038623", "reference_id": "1038623", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "http://www.securitytracker.com/id/1038623" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462203", "reference_id": "1462203", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462203" }, { "reference_url": "https://source.android.com/security/bulletin/2017-06-01", "reference_id": "2017-06-01", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "https://source.android.com/security/bulletin/2017-06-01" }, { "reference_url": "https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa", "reference_id": "308396a55280f69ad4112d4f9892f4cbeff042aa", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870867", "reference_id": "870867", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870867" }, { "reference_url": "http://www.securityfocus.com/bid/98877", "reference_id": "98877", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "http://www.securityfocus.com/bid/98877" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7375", "reference_id": "CVE-2017-7375", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7375" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3952", "reference_id": "dsa-3952", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "https://www.debian.org/security/2017/dsa-3952" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e", "reference_id": "?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-7375" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1zr7-kx71-tkcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77988?format=api", "vulnerability_id": "VCID-2rbs-7dzf-wffv", "summary": "Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3102.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3102.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3102", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83914", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83937", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.8394", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83935", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83925", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3102" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674191", "reference_id": "674191", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674191" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=822109", "reference_id": "822109", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=822109" }, { "reference_url": "https://security.gentoo.org/glsa/201207-02", "reference_id": "GLSA-201207-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201207-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1288", "reference_id": "RHSA-2012:1288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1288" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217", "reference_id": "RHSA-2013:0217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0217" }, { "reference_url": "https://usn.ubuntu.com/1447-1/", "reference_id": "USN-1447-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1447-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "CVE-2011-3102" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2rbs-7dzf-wffv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38115?format=api", "vulnerability_id": "VCID-2wkc-xqzc-e3g2", "summary": "Use After Free\nMultiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allow remote attackers to cause a denial of service via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1837.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1837.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.67208", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.67249", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.67257", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.67241", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.67224", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338696", "reference_id": "1338696", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338696" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1837", "reference_id": "CVE-2016-1837", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1837" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1837" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2wkc-xqzc-e3g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38118?format=api", "vulnerability_id": "VCID-3ean-ys5t-bydz", "summary": "Out-of-bounds Read\nThe htmlCurrentChar function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1833.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1833.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61004", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61053", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61061", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61049", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00399", "scoring_system": "epss", "scoring_elements": "0.61032", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338682", "reference_id": "1338682", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338682" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1833", "reference_id": "CVE-2016-1833", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1833" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1833" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ean-ys5t-bydz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38114?format=api", "vulnerability_id": "VCID-3s6k-9cgk-dfd6", "summary": "Use After Free\nUse-after-free vulnerability in the xmlDictComputeFastKey function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1836.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1836.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01305", "scoring_system": "epss", "scoring_elements": "0.80109", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01305", "scoring_system": "epss", "scoring_elements": "0.80135", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01305", "scoring_system": "epss", "scoring_elements": "0.80139", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01305", "scoring_system": "epss", "scoring_elements": "0.80127", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338702", "reference_id": "1338702", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338702" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1836", "reference_id": "CVE-2016-1836", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1836" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3s6k-9cgk-dfd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37549?format=api", "vulnerability_id": "VCID-43m9-cg6h-nuet", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nparser.c in libxml2, as used in Google Chrome and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2877.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2877.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2877", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70629", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70671", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70679", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70662", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.7065", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2853" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2870" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2875", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2875" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2878", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2878" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2879" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2880", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2880" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=715531", "reference_id": "715531", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=715531" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=983204", "reference_id": "983204", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=983204" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2877", "reference_id": "CVE-2013-2877", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2877" }, { "reference_url": "https://security.gentoo.org/glsa/201309-16", "reference_id": "GLSA-201309-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-16" }, { "reference_url": "https://security.gentoo.org/glsa/201311-06", "reference_id": "GLSA-201311-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-06" }, { "reference_url": "https://security.gentoo.org/glsa/201412-11", "reference_id": "GLSA-201412-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0513", "reference_id": "RHSA-2014:0513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0513" }, { "reference_url": "https://usn.ubuntu.com/1904-1/", "reference_id": "USN-1904-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1904-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4599?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5" } ], "aliases": [ "CVE-2013-2877" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-43m9-cg6h-nuet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5277?format=api", "vulnerability_id": "VCID-4sg9-pjmx-6kfy", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3541.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.19048", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.19008", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.19121", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.1908", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.19122", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3541" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1950515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1950515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3541" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210805-0007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210805-0007/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988603", "reference_id": "988603", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988603" }, { "reference_url": "https://security.archlinux.org/AVG-1883", "reference_id": "AVG-1883", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1883" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3541", "reference_id": "CVE-2021-3541", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3541" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2569", "reference_id": "RHSA-2021:2569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3541" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4sg9-pjmx-6kfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4369?format=api", "vulnerability_id": "VCID-512y-x2fd-4uh5", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5130.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5130.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5130", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78981", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78968", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78995", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.79001", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01165", "scoring_system": "epss", "scoring_elements": "0.78992", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5130" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101482", "reference_id": "101482", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "http://www.securityfocus.com/bid/101482" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503537", "reference_id": "1503537", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503537" }, { "reference_url": "https://crbug.com/722079", "reference_id": "722079", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "https://crbug.com/722079" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880000", "reference_id": "880000", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880000" }, { "reference_url": "https://security.archlinux.org/ASA-201710-27", "reference_id": "ASA-201710-27", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201710-27" }, { "reference_url": "https://security.archlinux.org/AVG-456", "reference_id": "AVG-456", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-456" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5130", "reference_id": "CVE-2017-5130", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5130" }, { "reference_url": "https://security.gentoo.org/glsa/201710-24", "reference_id": "GLSA-201710-24", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "https://security.gentoo.org/glsa/201710-24" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed", "reference_id": "?id=897dffbae322b46b83f99a607d527058a72c51ed", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html", "reference_id": "msg00034.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2997", "reference_id": "RHSA-2017:2997", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2997" }, { "reference_url": "http://bugzilla.gnome.org/show_bug.cgi?id=783026", "reference_id": "show_bug.cgi?id=783026", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "http://bugzilla.gnome.org/show_bug.cgi?id=783026" }, { "reference_url": "https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/" } ], "url": "https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-5130" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-512y-x2fd-4uh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45025?format=api", "vulnerability_id": "VCID-5dmr-9sh2-w3hk", "summary": "This advisory has been invalidated.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28484.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28484.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28484", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.60241", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61212", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.61243", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00403", "scoring_system": "epss", "scoring_elements": "0.6123", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/491", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/491" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html" }, { "reference_url": "https://nokogiri.org/CHANGELOG.html#1143-2023-04-11", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nokogiri.org/CHANGELOG.html#1143-2023-04-11" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034436", "reference_id": "1034436", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034436" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185994", "reference_id": "2185994", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185994" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28484", "reference_id": "CVE-2023-28484", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28484" }, { "reference_url": "https://security.gentoo.org/glsa/202402-11", "reference_id": "GLSA-202402-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-11" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230601-0006/", "reference_id": "ntap-20230601-0006", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230601-0006/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0005/", "reference_id": "ntap-20240201-0005", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0005/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4349", "reference_id": "RHSA-2023:4349", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4529", "reference_id": "RHSA-2023:4529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0413", "reference_id": "RHSA-2024:0413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0413" }, { "reference_url": "https://usn.ubuntu.com/6028-1/", "reference_id": "USN-6028-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6028-1/" }, { "reference_url": "https://usn.ubuntu.com/6028-2/", "reference_id": "USN-6028-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6028-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2023-28484" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5dmr-9sh2-w3hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77999?format=api", "vulnerability_id": "VCID-5er3-1kbw-33gt", "summary": "libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states \"I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5969.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5969.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03505", "scoring_system": "epss", "scoring_elements": "0.87831", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03505", "scoring_system": "epss", "scoring_elements": "0.87852", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03505", "scoring_system": "epss", "scoring_elements": "0.87857", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.03505", "scoring_system": "epss", "scoring_elements": "0.87854", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03505", "scoring_system": "epss", "scoring_elements": "0.87855", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5969" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1421996", "reference_id": "1421996", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1421996" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855001", "reference_id": "855001", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855001" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-5969" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5er3-1kbw-33gt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78001?format=api", "vulnerability_id": "VCID-5g9a-2484-rucp", "summary": "An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40304.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40304.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-40304", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44511", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44532", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44581", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44589", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44567", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-40304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3" }, { "reference_url": "https://nokogiri.org/CHANGELOG.html#1139-2022-10-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nokogiri.org/CHANGELOG.html#1139-2022-10-18" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022225", "reference_id": "1022225", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022225" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/21", "reference_id": "21", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/21" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136288", "reference_id": "2136288", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136288" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/24", "reference_id": "24", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/24" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/25", "reference_id": "25", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/25" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/26", "reference_id": "26", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/26" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/27", "reference_id": "27", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/27" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40304", "reference_id": "CVE-2022-40304", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40304" }, { "reference_url": "https://security.gentoo.org/glsa/202210-39", "reference_id": "GLSA-202210-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-39" }, { "reference_url": "https://support.apple.com/kb/HT213531", "reference_id": "HT213531", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://support.apple.com/kb/HT213531" }, { "reference_url": "https://support.apple.com/kb/HT213533", "reference_id": "HT213533", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://support.apple.com/kb/HT213533" }, { "reference_url": "https://support.apple.com/kb/HT213534", "reference_id": "HT213534", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://support.apple.com/kb/HT213534" }, { "reference_url": "https://support.apple.com/kb/HT213535", "reference_id": "HT213535", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://support.apple.com/kb/HT213535" }, { "reference_url": "https://support.apple.com/kb/HT213536", "reference_id": "HT213536", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://support.apple.com/kb/HT213536" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221209-0003/", "reference_id": "ntap-20221209-0003", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221209-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0173", "reference_id": "RHSA-2023:0173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0338", "reference_id": "RHSA-2023:0338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0413", "reference_id": "RHSA-2024:0413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0413" }, { "reference_url": "https://usn.ubuntu.com/5760-1/", "reference_id": "USN-5760-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5760-1/" }, { "reference_url": "https://usn.ubuntu.com/5760-2/", "reference_id": "USN-5760-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5760-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2022-40304" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5g9a-2484-rucp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77985?format=api", "vulnerability_id": "VCID-5rs7-d9hu-rke7", "summary": "Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2834.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2834.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.029", "scoring_system": "epss", "scoring_elements": "0.86617", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.029", "scoring_system": "epss", "scoring_elements": "0.8664", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.029", "scoring_system": "epss", "scoring_elements": "0.86635", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.029", "scoring_system": "epss", "scoring_elements": "0.86625", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643648", "reference_id": "643648", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643648" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=735751", "reference_id": "735751", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=735751" }, { "reference_url": "https://security.gentoo.org/glsa/201110-26", "reference_id": "GLSA-201110-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-26" }, { "reference_url": "https://security.gentoo.org/glsa/201111-01", "reference_id": "GLSA-201111-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201111-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1749", "reference_id": "RHSA-2011:1749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0016", "reference_id": "RHSA-2012:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0017", "reference_id": "RHSA-2012:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217", "reference_id": "RHSA-2013:0217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0217" }, { "reference_url": "https://usn.ubuntu.com/1334-1/", "reference_id": "USN-1334-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1334-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "CVE-2011-2834" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5rs7-d9hu-rke7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37981?format=api", "vulnerability_id": "VCID-5z25-mem7-hfcx", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 allows context-dependent attackers to cause a denial of service via unspecified vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7497.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7497.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78938", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78965", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78971", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78962", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.7895", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281862", "reference_id": "1281862", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281862" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7497", "reference_id": "CVE-2015-7497", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7497" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-7497" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5z25-mem7-hfcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38252?format=api", "vulnerability_id": "VCID-6bw6-4huq-dqex", "summary": "Improper Restriction of XML External Entity Reference\nlibxml2, as used in XMLSec and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9318.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9318.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9318", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30308", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30287", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30382", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30347", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30319", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395609", "reference_id": "1395609", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395609" }, { "reference_url": "https://usn.ubuntu.com/3739-2/", "reference_id": "3739-2", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/" } ], "url": "https://usn.ubuntu.com/3739-2/" }, { "reference_url": "https://github.com/lsh123/xmlsec/issues/43", "reference_id": "43", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/" } ], "url": "https://github.com/lsh123/xmlsec/issues/43" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844581", "reference_id": "844581", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844581" }, { "reference_url": "http://www.securityfocus.com/bid/94347", "reference_id": "94347", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/" } ], "url": "http://www.securityfocus.com/bid/94347" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9318", "reference_id": "CVE-2016-9318", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9318" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=772726", "reference_id": "show_bug.cgi?id=772726", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=772726" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2016-9318" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6bw6-4huq-dqex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38052?format=api", "vulnerability_id": "VCID-6hc4-jdej-gkcp", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlNextChar function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1762.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1762.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02419", "scoring_system": "epss", "scoring_elements": "0.85409", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02419", "scoring_system": "epss", "scoring_elements": "0.85424", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02419", "scoring_system": "epss", "scoring_elements": "0.85429", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02419", "scoring_system": "epss", "scoring_elements": "0.854", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "http://www.securitytracker.com/id/1035353", "reference_id": "1035353", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://www.securitytracker.com/id/1035353" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338711", "reference_id": "1338711", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338711" }, { "reference_url": "http://www.securityfocus.com/bid/85059", "reference_id": "85059", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://www.securityfocus.com/bid/85059" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1762", "reference_id": "CVE-2016-1762", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1762" }, { "reference_url": "https://support.apple.com/HT206171", "reference_id": "HT206171", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://support.apple.com/HT206171" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602", "reference_id": "?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "index?page=content&id=SB10170", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "ovmbulletinjul2016-3090546.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "RHSA-2016-2957.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=759671", "reference_id": "show_bug.cgi?id=759671", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=759671" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1762" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6hc4-jdej-gkcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3272?format=api", "vulnerability_id": "VCID-6rnb-qe59-sbfy", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49796.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49796.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49796", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.83049", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.8306", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01777", "scoring_system": "epss", "scoring_elements": "0.83057", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49796" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107752", "reference_id": "1107752", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107752" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385", "reference_id": "2372385", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933", "reference_id": "933", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933" }, { "reference_url": "https://security.archlinux.org/AVG-2898", "reference_id": "AVG-2898", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2898" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9", "reference_id": "cpe:/a:redhat:cert_manager:1.16::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9", "reference_id": "cpe:/a:redhat:discovery:2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1", "reference_id": "cpe:/a:redhat:hummingbird:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1", "reference_id": "cpe:/a:redhat:jboss_core_services:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8", "reference_id": "cpe:/a:redhat:openshift:4.12::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9", "reference_id": "cpe:/a:redhat:openshift:4.13::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9", "reference_id": "cpe:/a:redhat:openshift:4.14::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9", "reference_id": "cpe:/a:redhat:openshift:4.17::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9", "reference_id": "cpe:/a:redhat:openshift:4.18::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9", "reference_id": "cpe:/a:redhat:openshift:4.19::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9", "reference_id": "cpe:/a:redhat:openshift:4.20::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_file_integrity_operator:1::el9", "reference_id": "cpe:/a:redhat:openshift_file_integrity_operator:1::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_file_integrity_operator:1::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8", "reference_id": "cpe:/a:redhat:openshift_serverless:1.36::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9", "reference_id": "cpe:/a:redhat:webterminal:1.11::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9", "reference_id": "cpe:/a:redhat:webterminal:1.12::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-49796", "reference_id": "CVE-2025-49796", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-49796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10630", "reference_id": "RHSA-2025:10630", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10698", "reference_id": "RHSA-2025:10698", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10699", "reference_id": "RHSA-2025:10699", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11580", "reference_id": "RHSA-2025:11580", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12098", "reference_id": "RHSA-2025:12098", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12099", "reference_id": "RHSA-2025:12099", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12199", "reference_id": "RHSA-2025:12199", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12237", "reference_id": "RHSA-2025:12237", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12239", "reference_id": "RHSA-2025:12239", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12240", "reference_id": "RHSA-2025:12240", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12241", "reference_id": "RHSA-2025:12241", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13335", "reference_id": "RHSA-2025:13335", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15397", "reference_id": "RHSA-2025:15397", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15397" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15827", "reference_id": "RHSA-2025:15827", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15828", "reference_id": "RHSA-2025:15828", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18217", "reference_id": "RHSA-2025:18217", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18218", "reference_id": "RHSA-2025:18218", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18218" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18240", "reference_id": "RHSA-2025:18240", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19020", "reference_id": "RHSA-2025:19020", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19041", "reference_id": "RHSA-2025:19041", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19046", "reference_id": "RHSA-2025:19046", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19894", "reference_id": "RHSA-2025:19894", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19894" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21913", "reference_id": "RHSA-2025:21913", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21913" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7519", "reference_id": "RHSA-2026:7519", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:7519" }, { "reference_url": "https://usn.ubuntu.com/7694-1/", "reference_id": "USN-7694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-49796" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6rnb-qe59-sbfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5278?format=api", "vulnerability_id": "VCID-6t8y-27ba-cfa2", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3537.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3537.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3537", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29216", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29116", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29146", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29148", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29183", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3537" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956522", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3537.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3537.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/" }, { "reference_url": "https://nokogiri.org/CHANGELOG.html#1114-2021-05-14", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nokogiri.org/CHANGELOG.html#1114-2021-05-14" }, { "reference_url": "https://security.gentoo.org/glsa/202107-05", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202107-05" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210625-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210625-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210625-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210625-0002/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988123", "reference_id": "988123", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988123" }, { "reference_url": "https://security.archlinux.org/AVG-1883", "reference_id": "AVG-1883", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1883" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3537", "reference_id": "CVE-2021-3537", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3537" }, { "reference_url": "https://github.com/advisories/GHSA-286v-pcf5-25rc", "reference_id": "GHSA-286v-pcf5-25rc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-286v-pcf5-25rc" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2569", "reference_id": "RHSA-2021:2569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3537", "GHSA-286v-pcf5-25rc" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6t8y-27ba-cfa2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37470?format=api", "vulnerability_id": "VCID-7qqd-ze42-ayab", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2, as used in Google Chrome and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5134.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5134.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5134", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02065", "scoring_system": "epss", "scoring_elements": "0.84241", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02065", "scoring_system": "epss", "scoring_elements": "0.84264", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02065", "scoring_system": "epss", "scoring_elements": "0.84267", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02065", "scoring_system": "epss", "scoring_elements": "0.84261", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02065", "scoring_system": "epss", "scoring_elements": "0.84249", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5134" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694521", "reference_id": "694521", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694521" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=880466", "reference_id": "880466", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=880466" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5134", "reference_id": "CVE-2012-5134", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5134" }, { "reference_url": "https://security.gentoo.org/glsa/201311-06", "reference_id": "GLSA-201311-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1512", "reference_id": "RHSA-2012:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217", "reference_id": "RHSA-2013:0217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0217" }, { "reference_url": "https://usn.ubuntu.com/1656-1/", "reference_id": "USN-1656-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1656-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "CVE-2012-5134" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7qqd-ze42-ayab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77971?format=api", "vulnerability_id": "VCID-7x6g-x68k-tuc4", "summary": "libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3281.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3281.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3281", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74439", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74471", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74477", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74465", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00802", "scoring_system": "epss", "scoring_elements": "0.74447", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=458086", "reference_id": "458086", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=458086" }, { "reference_url": "https://security.gentoo.org/glsa/200812-06", "reference_id": "GLSA-200812-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0836", "reference_id": "RHSA-2008:0836", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0836" }, { "reference_url": "https://usn.ubuntu.com/640-1/", "reference_id": "USN-640-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/640-1/" }, { "reference_url": "https://usn.ubuntu.com/644-1/", "reference_id": "USN-644-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/644-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4595?format=api", "purl": "pkg:deb/debian/libxml2@2.6.32.dfsg-5%2Blenny5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2rbs-7dzf-wffv" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5rs7-d9hu-rke7" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-7qqd-ze42-ayab" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-b2jx-djjd-rbdx" }, { "vulnerability": "VCID-b37v-a8em-gkfr" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-bqh3-eze3-3qbv" }, { "vulnerability": "VCID-brg4-2x5t-akac" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-dmdw-gyj9-2ye5" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-fynm-ftmy-47eg" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jgtz-3gkg-dkbu" }, { "vulnerability": "VCID-jn88-q5mn-37gz" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kmvz-pynk-p7fn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-p8us-th5q-yuey" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rzc3-s4fv-7fhp" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-uqus-6prc-w7dh" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-v22x-mq8p-8qc7" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-xse1-pmep-nqdc" }, { "vulnerability": "VCID-xxpz-ak6z-5ufn" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.32.dfsg-5%252Blenny5" } ], "aliases": [ "CVE-2008-3281" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7x6g-x68k-tuc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52166?format=api", "vulnerability_id": "VCID-81dv-y5sg-9kgq", "summary": "Missing Release of Memory after Effective Lifetime\nxmlSchemaPreRun in xmlschemas.c in libxml2 allows an xmlSchemaValidateStream memory leak.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20388.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20388.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.70307", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.70256", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.70298", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.70278", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00614", "scoring_system": "epss", "scoring_elements": "0.70289", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20388" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799734", "reference_id": "1799734", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799734" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/", "reference_id": "545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/", "reference_id": "5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68", "reference_id": "68", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949583", "reference_id": "949583", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949583" }, { "reference_url": "https://security.archlinux.org/ASA-202011-15", "reference_id": "ASA-202011-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-15" }, { "reference_url": "https://security.archlinux.org/AVG-1263", "reference_id": "AVG-1263", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1263" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20388", "reference_id": "CVE-2019-20388", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20388" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/", "reference_id": "JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2644", "reference_id": "RHSA-2020:2644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2646", "reference_id": "RHSA-2020:2646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3996", "reference_id": "RHSA-2020:3996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4479", "reference_id": "RHSA-2020:4479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2019-20388" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81dv-y5sg-9kgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45926?format=api", "vulnerability_id": "VCID-81t2-tsq4-x7ce", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nXmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39615.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39615.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39615", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30221", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30154", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30124", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30185", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39615" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/535", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:25:30Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/535" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051230", "reference_id": "1051230", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051230" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235864", "reference_id": "2235864", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235864" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39615", "reference_id": "CVE-2023-39615", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39615" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7544", "reference_id": "RHSA-2023:7544", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7544" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7626", "reference_id": "RHSA-2023:7626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7747", "reference_id": "RHSA-2023:7747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0119", "reference_id": "RHSA-2024:0119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0413", "reference_id": "RHSA-2024:0413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1317", "reference_id": "RHSA-2024:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1477", "reference_id": "RHSA-2024:1477", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1477" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2023-39615" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81t2-tsq4-x7ce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37982?format=api", "vulnerability_id": "VCID-8719-hux3-fugq", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7498.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7498.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78938", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78965", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78971", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.78962", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01161", "scoring_system": "epss", "scoring_elements": "0.7895", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281879", "reference_id": "1281879", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281879" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7498", "reference_id": "CVE-2015-7498", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7498" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-7498" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8719-hux3-fugq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77969?format=api", "vulnerability_id": "VCID-8ufh-w88r-kuc3", "summary": "The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6284.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6284.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05097", "scoring_system": "epss", "scoring_elements": "0.89991", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05097", "scoring_system": "epss", "scoring_elements": "0.90007", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.05097", "scoring_system": "epss", "scoring_elements": "0.90006", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.05546", "scoring_system": "epss", "scoring_elements": "0.90442", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.05546", "scoring_system": "epss", "scoring_elements": "0.9044", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=425927", "reference_id": "425927", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=425927" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=460292", "reference_id": "460292", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=460292" }, { "reference_url": "https://security.gentoo.org/glsa/200801-20", "reference_id": "GLSA-200801-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200801-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0032", "reference_id": "RHSA-2008:0032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0032" }, { "reference_url": "https://usn.ubuntu.com/569-1/", "reference_id": "USN-569-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/569-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4595?format=api", "purl": "pkg:deb/debian/libxml2@2.6.32.dfsg-5%2Blenny5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2rbs-7dzf-wffv" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5rs7-d9hu-rke7" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-7qqd-ze42-ayab" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-b2jx-djjd-rbdx" }, { "vulnerability": "VCID-b37v-a8em-gkfr" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-bqh3-eze3-3qbv" }, { "vulnerability": "VCID-brg4-2x5t-akac" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-dmdw-gyj9-2ye5" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-fynm-ftmy-47eg" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jgtz-3gkg-dkbu" }, { "vulnerability": "VCID-jn88-q5mn-37gz" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kmvz-pynk-p7fn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-p8us-th5q-yuey" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rzc3-s4fv-7fhp" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-uqus-6prc-w7dh" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-v22x-mq8p-8qc7" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-xse1-pmep-nqdc" }, { "vulnerability": "VCID-xxpz-ak6z-5ufn" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.32.dfsg-5%252Blenny5" } ], "aliases": [ "CVE-2007-6284" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ufh-w88r-kuc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77997?format=api", "vulnerability_id": "VCID-9d2s-f8da-pkgg", "summary": "Possible cross-site scripting vulnerability in libxml after commit 960f0e2.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3709.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3709.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3709", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38501", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.3859", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38537", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38593", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38565", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3709" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2112766", "reference_id": "2112766", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2112766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7715", "reference_id": "RHSA-2022:7715", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7715" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4767", "reference_id": "RHSA-2023:4767", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4767" }, { "reference_url": "https://usn.ubuntu.com/5548-1/", "reference_id": "USN-5548-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5548-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2016-3709" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9d2s-f8da-pkgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4780?format=api", "vulnerability_id": "VCID-9m3t-anwb-4fbx", "summary": "arbitrary code execution", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4658.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4658.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4658", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15391", "scoring_system": "epss", "scoring_elements": "0.94767", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.15391", "scoring_system": "epss", "scoring_elements": "0.94779", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.15391", "scoring_system": "epss", "scoring_elements": "0.94776", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.15391", "scoring_system": "epss", "scoring_elements": "0.94777", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4658" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1615", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1615" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://support.apple.com/HT207141", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT207141" }, { "reference_url": "https://support.apple.com/HT207142", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT207142" }, { "reference_url": "https://support.apple.com/HT207143", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT207143" }, { "reference_url": "https://support.apple.com/HT207170", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT207170" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384424", "reference_id": "1384424", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384424" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553", "reference_id": "840553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553" }, { "reference_url": "https://security.archlinux.org/ASA-201611-2", "reference_id": "ASA-201611-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-2" }, { "reference_url": "https://security.archlinux.org/AVG-56", "reference_id": "AVG-56", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-56" }, { "reference_url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4448.html", "reference_id": "CVE-2016-4448.HTML", "reference_type": "", "scores": [], "url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4448.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4658", "reference_id": "CVE-2016-4658", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4658" }, { "reference_url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html", "reference_id": "CVE-2016-4658.HTML", "reference_type": "", "scores": [], "url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html" }, { "reference_url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html", "reference_id": "CVE-2016-5131.HTML", "reference_type": "", "scores": [], "url": "http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html" }, { "reference_url": "https://github.com/advisories/GHSA-fr52-4hqw-p27f", "reference_id": "GHSA-fr52-4hqw-p27f", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fr52-4hqw-p27f" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3810", "reference_id": "RHSA-2021:3810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3810" }, { "reference_url": "https://usn.ubuntu.com/3235-1/", "reference_id": "USN-3235-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3235-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-4658", "GHSA-fr52-4hqw-p27f" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9m3t-anwb-4fbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52122?format=api", "vulnerability_id": "VCID-9usm-m2ey-7qad", "summary": "Missing Release of Memory after Effective Lifetime\nxmlParseBalancedChunkMemoryRecover in parser.c in libxml2 has a memory leak related to newDoc->oldNs.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19956.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19956.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43462", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43414", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43389", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43448", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43472", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788856", "reference_id": "1788856", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788856" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549", "reference_id": "5a02583c7e683896d84878bd90641d8d9b0d0549", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/", "reference_id": "5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19956", "reference_id": "CVE-2019-19956", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19956" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/", "reference_id": "JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html", "reference_id": "msg00032.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200114-0002/", "reference_id": "ntap-20200114-0002", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20200114-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2644", "reference_id": "RHSA-2020:2644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2646", "reference_id": "RHSA-2020:2646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3996", "reference_id": "RHSA-2020:3996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4479", "reference_id": "RHSA-2020:4479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2019-19956" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9usm-m2ey-7qad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38108?format=api", "vulnerability_id": "VCID-a611-3sqz-bkac", "summary": "Improper Input Validation\nThe xmlStringGetNodeList function in tree.c in libxml2, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3627.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3627.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24956", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24968", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24873", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24901", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24843", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://seclists.org/fulldisclosure/2016/May/10", "reference_id": "10", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://seclists.org/fulldisclosure/2016/May/10" }, { "reference_url": "http://www.securitytracker.com/id/1035335", "reference_id": "1035335", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.securitytracker.com/id/1035335" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1319829", "reference_id": "1319829", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1319829" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/21/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/03/21/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/03/21/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2016/03/21/3" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819006", "reference_id": "819006", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819006" }, { "reference_url": "http://www.securityfocus.com/bid/84992", "reference_id": "84992", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.securityfocus.com/bid/84992" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3627", "reference_id": "CVE-2016-3627", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3627" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239", "reference_id": "docDisplay?docId=emr_na-c05157239", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "index?page=content&id=SB10170", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html", "reference_id": "msg00055.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html", "reference_id": "msg00127.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "ovmbulletinjul2016-3090546.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "RHSA-2016-2957.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-3627" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a611-3sqz-bkac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76718?format=api", "vulnerability_id": "VCID-aj7d-6vcp-7yey", "summary": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9714.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9714.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9714", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01354", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01729", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01737", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9714" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605", "reference_id": "2392605", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21", "reference_id": "677a42645ef22b5a50741bad5facf9d8a8bc6d21", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-10T18:46:42Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22162", "reference_id": "RHSA-2025:22162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22163", "reference_id": "RHSA-2025:22163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22177", "reference_id": "RHSA-2025:22177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22376", "reference_id": "RHSA-2025:22376", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22376" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22377", "reference_id": "RHSA-2025:22377", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22377" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22868", "reference_id": "RHSA-2025:22868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23202", "reference_id": "RHSA-2025:23202", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23202" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23204", "reference_id": "RHSA-2025:23204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23205", "reference_id": "RHSA-2025:23205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23209", "reference_id": "RHSA-2025:23209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23227", "reference_id": "RHSA-2025:23227", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23227" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23234", "reference_id": "RHSA-2025:23234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23449", "reference_id": "RHSA-2025:23449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0414", "reference_id": "RHSA-2026:0414", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0677", "reference_id": "RHSA-2026:0677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0702", "reference_id": "RHSA-2026:0702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0978", "reference_id": "RHSA-2026:0978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0978" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0980", "reference_id": "RHSA-2026:0980", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0980" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0985", "reference_id": "RHSA-2026:0985", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0985" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0996", "reference_id": "RHSA-2026:0996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11349", "reference_id": "RHSA-2026:11349", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14832", "reference_id": "RHSA-2026:14832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14832" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14858", "reference_id": "RHSA-2026:14858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1539", "reference_id": "RHSA-2026:1539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1539" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1541", "reference_id": "RHSA-2026:1541", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1541" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15967", "reference_id": "RHSA-2026:15967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1652", "reference_id": "RHSA-2026:1652", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1652" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:21695", "reference_id": "RHSA-2026:21695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:21695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:22420", "reference_id": "RHSA-2026:22420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:22420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3461", "reference_id": "RHSA-2026:3461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3462", "reference_id": "RHSA-2026:3462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7519", "reference_id": "RHSA-2026:7519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7519" }, { "reference_url": "https://usn.ubuntu.com/7743-1/", "reference_id": "USN-7743-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7743-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-9714" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aj7d-6vcp-7yey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40102?format=api", "vulnerability_id": "VCID-akrb-6bu8-nqfq", "summary": "NULL Pointer Dereference\nA NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1543", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2019:1543" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14404.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14404.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.20012", "scoring_system": "epss", "scoring_elements": "0.95589", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.20012", "scoring_system": "epss", "scoring_elements": "0.95602", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.20012", "scoring_system": "epss", "scoring_elements": "0.95601", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.20012", "scoring_system": "epss", "scoring_elements": "0.95598", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.20012", "scoring_system": "epss", "scoring_elements": "0.95595", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14404" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1785", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1785" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/issues/10", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/issues/10" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190719-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190719-0002" }, { "reference_url": "https://usn.ubuntu.com/3739-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3739-1" }, { "reference_url": "https://usn.ubuntu.com/3739-2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3739-2" }, { "reference_url": "https://usn.ubuntu.com/3739-2/", "reference_id": "3739-2", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://usn.ubuntu.com/3739-2/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", "reference_id": "CVE-2018-14404", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14404" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-14404.yml", "reference_id": "CVE-2018-14404.YML", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-14404.yml" }, { "reference_url": "https://github.com/advisories/GHSA-6qvp-r6r3-9p7h", "reference_id": "GHSA-6qvp-r6r3-9p7h", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6qvp-r6r3-9p7h" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190719-0002/", "reference_id": "ntap-20190719-0002", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190719-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1190", "reference_id": "RHSA-2020:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1827", "reference_id": "RHSA-2020:1827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1827" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2018-14404", "GHSA-6qvp-r6r3-9p7h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-akrb-6bu8-nqfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38138?format=api", "vulnerability_id": "VCID-anzu-y37j-dbc2", "summary": "Improper Input Validation\nXML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4449.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4449.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31125", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31193", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.3116", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31124", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31092", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338701", "reference_id": "1338701", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338701" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4449", "reference_id": "CVE-2016-4449", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-4449" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-anzu-y37j-dbc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40179?format=api", "vulnerability_id": "VCID-aqrr-3ej8-ukaa", "summary": "Loop with Unreachable Exit Condition ('Infinite Loop')\nlibxml2, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14567.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14567.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71903", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71942", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71913", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.7195", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71928", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", "reference_id": "1619875", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1619875" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", "reference_id": "CVE-2018-14567", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1190", "reference_id": "RHSA-2020:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1190" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2018-14567" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aqrr-3ej8-ukaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77991?format=api", "vulnerability_id": "VCID-b2jx-djjd-rbdx", "summary": "Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2807.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2807.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2807", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81717", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81748", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81749", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01544", "scoring_system": "epss", "scoring_elements": "0.81742", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=679280", "reference_id": "679280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=679280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=835863", "reference_id": "835863", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=835863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1288", "reference_id": "RHSA-2012:1288", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1288" }, { "reference_url": "https://usn.ubuntu.com/1587-1/", "reference_id": "USN-1587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1587-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "CVE-2012-2807" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b2jx-djjd-rbdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77978?format=api", "vulnerability_id": "VCID-b37v-a8em-gkfr", "summary": "Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2414.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2414.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2414", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01289", "scoring_system": "epss", "scoring_elements": "0.79991", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01289", "scoring_system": "epss", "scoring_elements": "0.80016", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01289", "scoring_system": "epss", "scoring_elements": "0.80021", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01289", "scoring_system": "epss", "scoring_elements": "0.80015", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01289", "scoring_system": "epss", "scoring_elements": "0.80005", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=515195", "reference_id": "515195", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515195" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540865", "reference_id": "540865", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540865" }, { "reference_url": "https://security.gentoo.org/glsa/201009-07", "reference_id": "GLSA-201009-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201009-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1206", "reference_id": "RHSA-2009:1206", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1206" }, { "reference_url": "https://usn.ubuntu.com/815-1/", "reference_id": "USN-815-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/815-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4596?format=api", "purl": "pkg:deb/debian/libxml2@2.7.8.dfsg-2%2Bsqueeze8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2rbs-7dzf-wffv" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5rs7-d9hu-rke7" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-7qqd-ze42-ayab" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-b2jx-djjd-rbdx" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-bqh3-eze3-3qbv" }, { "vulnerability": "VCID-brg4-2x5t-akac" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-dmdw-gyj9-2ye5" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jgtz-3gkg-dkbu" }, { "vulnerability": "VCID-jn88-q5mn-37gz" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kmvz-pynk-p7fn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-p8us-th5q-yuey" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rzc3-s4fv-7fhp" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-v22x-mq8p-8qc7" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-xxpz-ak6z-5ufn" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-2%252Bsqueeze8" } ], "aliases": [ "CVE-2009-2414" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b37v-a8em-gkfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4945?format=api", "vulnerability_id": "VCID-bgcq-x9bd-83ap", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23308.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23308.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23308", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22494", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22467", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22565", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22516", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22578", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006489", "reference_id": "1006489", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006489" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056913", "reference_id": "2056913", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056913" }, { "reference_url": "https://security.archlinux.org/AVG-2726", "reference_id": "AVG-2726", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2726" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23308", "reference_id": "CVE-2022-23308", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23308" }, { "reference_url": "https://security.gentoo.org/glsa/202210-03", "reference_id": "GLSA-202210-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0899", "reference_id": "RHSA-2022:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/5324-1/", "reference_id": "USN-5324-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5324-1/" }, { "reference_url": "https://usn.ubuntu.com/5422-1/", "reference_id": "USN-5422-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5422-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2022-23308" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bgcq-x9bd-83ap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37984?format=api", "vulnerability_id": "VCID-bksc-y3j7-ufek", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseMisc function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7500.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7500.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80737", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80764", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80766", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80763", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01397", "scoring_system": "epss", "scoring_elements": "0.80759", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281943", "reference_id": "1281943", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281943" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7500", "reference_id": "CVE-2015-7500", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-7500" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bksc-y3j7-ufek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77994?format=api", "vulnerability_id": "VCID-bm7f-1hbr-dyfx", "summary": "The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0191.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0191.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0191", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70802", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70845", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70852", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70834", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00636", "scoring_system": "epss", "scoring_elements": "0.70821", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0191" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1090976", "reference_id": "1090976", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1090976" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747309", "reference_id": "747309", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747309" }, { "reference_url": "https://security.gentoo.org/glsa/201409-08", "reference_id": "GLSA-201409-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201409-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0513", "reference_id": "RHSA-2014:0513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0749", "reference_id": "RHSA-2015:0749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0749" }, { "reference_url": "https://usn.ubuntu.com/2214-1/", "reference_id": "USN-2214-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2214-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4599?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5" } ], "aliases": [ "CVE-2014-0191" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bm7f-1hbr-dyfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77989?format=api", "vulnerability_id": "VCID-bqh3-eze3-3qbv", "summary": "libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3905.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3905.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01212", "scoring_system": "epss", "scoring_elements": "0.79321", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01212", "scoring_system": "epss", "scoring_elements": "0.79347", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01212", "scoring_system": "epss", "scoring_elements": "0.79352", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01212", "scoring_system": "epss", "scoring_elements": "0.79344", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01212", "scoring_system": "epss", "scoring_elements": "0.79335", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3905" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3905" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652352", "reference_id": "652352", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652352" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=767387", "reference_id": "767387", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=767387" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0016", "reference_id": "RHSA-2012:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0017", "reference_id": "RHSA-2012:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0018", "reference_id": "RHSA-2012:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217", "reference_id": "RHSA-2013:0217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0217" }, { "reference_url": "https://usn.ubuntu.com/1334-1/", "reference_id": "USN-1334-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1334-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "CVE-2011-3905" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bqh3-eze3-3qbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/319641?format=api", "vulnerability_id": "VCID-brg4-2x5t-akac", "summary": "regression update", "references": [], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "DSA-3057-2 libxml2" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-brg4-2x5t-akac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3274?format=api", "vulnerability_id": "VCID-c16x-s3zb-bbef", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49794.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49794.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49794", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63786", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.638", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63807", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63799", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49794" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107755", "reference_id": "1107755", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107755" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373", "reference_id": "2372373", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931", "reference_id": "931", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931" }, { "reference_url": "https://security.archlinux.org/AVG-2898", "reference_id": "AVG-2898", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2898" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9", "reference_id": "cpe:/a:redhat:cert_manager:1.16::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1", "reference_id": "cpe:/a:redhat:hummingbird:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1", "reference_id": "cpe:/a:redhat:jboss_core_services:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8", "reference_id": "cpe:/a:redhat:openshift:4.12::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9", "reference_id": "cpe:/a:redhat:openshift:4.13::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9", "reference_id": "cpe:/a:redhat:openshift:4.14::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9", "reference_id": "cpe:/a:redhat:openshift:4.17::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9", "reference_id": "cpe:/a:redhat:openshift:4.18::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9", "reference_id": "cpe:/a:redhat:openshift:4.19::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9", "reference_id": "cpe:/a:redhat:openshift:4.20::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_file_integrity_operator:1::el9", "reference_id": "cpe:/a:redhat:openshift_file_integrity_operator:1::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_file_integrity_operator:1::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8", "reference_id": "cpe:/a:redhat:openshift_serverless:1.36::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9", "reference_id": "cpe:/a:redhat:webterminal:1.11::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9", "reference_id": "cpe:/a:redhat:webterminal:1.12::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-49794", "reference_id": "CVE-2025-49794", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-49794" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10630", "reference_id": "RHSA-2025:10630", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10698", "reference_id": "RHSA-2025:10698", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10699", "reference_id": "RHSA-2025:10699", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11580", "reference_id": "RHSA-2025:11580", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12098", "reference_id": "RHSA-2025:12098", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12099", "reference_id": "RHSA-2025:12099", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12199", "reference_id": "RHSA-2025:12199", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12237", "reference_id": "RHSA-2025:12237", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12239", "reference_id": "RHSA-2025:12239", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12240", "reference_id": "RHSA-2025:12240", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12241", "reference_id": "RHSA-2025:12241", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13335", "reference_id": "RHSA-2025:13335", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15397", "reference_id": "RHSA-2025:15397", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15397" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15827", "reference_id": "RHSA-2025:15827", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15828", "reference_id": "RHSA-2025:15828", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18217", "reference_id": "RHSA-2025:18217", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18218", "reference_id": "RHSA-2025:18218", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18218" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18219", "reference_id": "RHSA-2025:18219", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18219" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18240", "reference_id": "RHSA-2025:18240", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19020", "reference_id": "RHSA-2025:19020", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19041", "reference_id": "RHSA-2025:19041", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19046", "reference_id": "RHSA-2025:19046", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19894", "reference_id": "RHSA-2025:19894", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19894" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21913", "reference_id": "RHSA-2025:21913", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21913" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7519", "reference_id": "RHSA-2026:7519", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:7519" }, { "reference_url": "https://usn.ubuntu.com/7694-1/", "reference_id": "USN-7694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-49794" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c16x-s3zb-bbef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37897?format=api", "vulnerability_id": "VCID-cgmw-k7dg-gbdw", "summary": "Vulnerabilities in libxml2 and libxslt\nSeveral vulnerabilities were discovered in the libxml2 and libxslt libraries that this package gem depends on.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1419.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1419.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1819.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1819.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02045", "scoring_system": "epss", "scoring_elements": "0.8418", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02045", "scoring_system": "epss", "scoring_elements": "0.8417", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02045", "scoring_system": "epss", "scoring_elements": "0.84193", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02045", "scoring_system": "epss", "scoring_elements": "0.84197", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02045", "scoring_system": "epss", "scoring_elements": "0.84191", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-1819.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-1819.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/commit/8f3de6d88d0da11fb62a45daa61b85ce71b4af59", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/sparklemotion/nokogiri/commit/8f3de6d88d0da11fb62a45daa61b85ce71b4af59" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1374", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1374" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/pull/1376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/sparklemotion/nokogiri/pull/1376" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1819" }, { "reference_url": "https://security.gentoo.org/glsa/201507-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201507-08" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://support.apple.com/HT206166", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206166" }, { "reference_url": "https://support.apple.com/HT206167", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206167" }, { "reference_url": "https://support.apple.com/HT206168", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206168" }, { "reference_url": "https://support.apple.com/HT206169", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206169" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2812-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-2812-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211278", "reference_id": "1211278", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211278" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782782", "reference_id": "782782", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782782" }, { "reference_url": "https://github.com/advisories/GHSA-q7wx-62r7-j2x7", "reference_id": "GHSA-q7wx-62r7-j2x7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q7wx-62r7-j2x7" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1419", "reference_id": "RHSA-2015:1419", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1419" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://usn.ubuntu.com/2812-1/", "reference_id": "USN-2812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-1819", "GHSA-q7wx-62r7-j2x7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cgmw-k7dg-gbdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5281?format=api", "vulnerability_id": "VCID-ct17-yjud-f3a1", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3516.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3516.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3516", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59807", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59833", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59861", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59853", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59858", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3516" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3516" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/230" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987739", "reference_id": "987739", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987739" }, { "reference_url": "https://security.archlinux.org/AVG-1883", "reference_id": "AVG-1883", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1883" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3516", "reference_id": "CVE-2021-3516", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2569", "reference_id": "RHSA-2021:2569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3516" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ct17-yjud-f3a1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/319637?format=api", "vulnerability_id": "VCID-dmdw-gyj9-2ye5", "summary": "security update", "references": [], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "DSA-2978-1 libxml2" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dmdw-gyj9-2ye5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38116?format=api", "vulnerability_id": "VCID-ds9f-6ppp-5fax", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlStrncat function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1834.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1834.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02308", "scoring_system": "epss", "scoring_elements": "0.8508", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02308", "scoring_system": "epss", "scoring_elements": "0.85075", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02308", "scoring_system": "epss", "scoring_elements": "0.85065", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02308", "scoring_system": "epss", "scoring_elements": "0.85052", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02308", "scoring_system": "epss", "scoring_elements": "0.85076", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1035890", "reference_id": "1035890", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://www.securitytracker.com/id/1035890" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338708", "reference_id": "1338708", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338708" }, { "reference_url": "http://www.securityfocus.com/bid/90691", "reference_id": "90691", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://www.securityfocus.com/bid/90691" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1834", "reference_id": "CVE-2016-1834", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1834" }, { "reference_url": "https://support.apple.com/HT206564", "reference_id": "HT206564", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://support.apple.com/HT206564" }, { "reference_url": "https://support.apple.com/HT206566", "reference_id": "HT206566", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://support.apple.com/HT206566" }, { "reference_url": "https://support.apple.com/HT206567", "reference_id": "HT206567", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://support.apple.com/HT206567" }, { "reference_url": "https://support.apple.com/HT206568", "reference_id": "HT206568", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://support.apple.com/HT206568" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704", "reference_id": "?id=8fbbf5513d609c1770b391b99e33314cd0742704", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170", "reference_id": "index?page=content&id=SB10170", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10170" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html", "reference_id": "msg00002.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html", "reference_id": "msg00004.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "ovmbulletinjul2016-3090546.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html", "reference_id": "RHSA-2016-2957.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=763071", "reference_id": "show_bug.cgi?id=763071", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=763071" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1834" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ds9f-6ppp-5fax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5280?format=api", "vulnerability_id": "VCID-e8w6-ax3x-wqan", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3517.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3517.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3517", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28421", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28413", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28452", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28493", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28379", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3517" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954232", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954232" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3517.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3517.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/blob/7c19ef5cc6b7c5c36827dd5495f857c6877ec8cf/CHANGELOG.md?plain=1#L579", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/blob/7c19ef5cc6b7c5c36827dd5495f857c6877ec8cf/CHANGELOG.md?plain=1#L579" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/2233", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/2233" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/2274", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/2274" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/" }, { "reference_url": "https://security.gentoo.org/glsa/202107-05", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://security.gentoo.org/glsa/202107-05" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210625-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210625-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210625-0002/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210625-0002/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211022-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20211022-0004" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20211022-0004/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20211022-0004/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987738", "reference_id": "987738", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987738" }, { "reference_url": "https://security.archlinux.org/AVG-1883", "reference_id": "AVG-1883", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1883" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/", "reference_id": "BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3517", "reference_id": "CVE-2021-3517", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3517" }, { "reference_url": "https://github.com/advisories/GHSA-jw9f-hh49-cvp9", "reference_id": "GHSA-jw9f-hh49-cvp9", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jw9f-hh49-cvp9" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/", "reference_id": "QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2569", "reference_id": "RHSA-2021:2569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3517", "GHSA-jw9f-hh49-cvp9" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e8w6-ax3x-wqan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37944?format=api", "vulnerability_id": "VCID-eb5v-9a7f-xyf2", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7942.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7942.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77467", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77494", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77503", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01012", "scoring_system": "epss", "scoring_elements": "0.77483", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276297", "reference_id": "1276297", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276297" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802827", "reference_id": "802827", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802827" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7942", "reference_id": "CVE-2015-7942", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2812-1/", "reference_id": "USN-2812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-7942" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eb5v-9a7f-xyf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37978?format=api", "vulnerability_id": "VCID-efx2-bpu9-z7a4", "summary": "Vulnerabilities in libxml2\nSeveral vulnerabilities were discovered in the libxml2 library that this package gem depends on.", "references": [ { "reference_url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=bugtraq&m=145382616617563&w=2" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5312.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5312.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.78172", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.7816", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.78187", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.78194", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01078", "scoring_system": "epss", "scoring_elements": "0.78184", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5312" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-5312.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-5312.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/pull/1378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/sparklemotion/nokogiri/pull/1378" }, { "reference_url": "https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s" }, { "reference_url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://support.apple.com/HT206166", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206166" }, { "reference_url": "https://support.apple.com/HT206167", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206167" }, { "reference_url": "https://support.apple.com/HT206168", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206168" }, { "reference_url": "https://support.apple.com/HT206169", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/HT206169" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2834-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-2834-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5312", "reference_id": "CVE-2015-5312", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5312" }, { "reference_url": "https://github.com/advisories/GHSA-xjqg-9jvg-fgx2", "reference_id": "GHSA-xjqg-9jvg-fgx2", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xjqg-9jvg-fgx2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-5312", "GHSA-xjqg-9jvg-fgx2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-efx2-bpu9-z7a4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38085?format=api", "vulnerability_id": "VCID-egft-crba-6ubx", "summary": "Uncontrolled Resource Consumption\ndict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the \"<!DOCTYPE html\" substring in a crafted HTML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8806.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8806.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08565", "scoring_system": "epss", "scoring_elements": "0.92549", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.08565", "scoring_system": "epss", "scoring_elements": "0.92551", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.08565", "scoring_system": "epss", "scoring_elements": "0.92553", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.08565", "scoring_system": "epss", "scoring_elements": "0.92558", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.08565", "scoring_system": "epss", "scoring_elements": "0.92562", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8806" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=749115", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=749115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-8806.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-8806.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/commit/03d402212707bd5dfa0a21b7de5e91a7f9d90028", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/sparklemotion/nokogiri/commit/03d402212707bd5dfa0a21b7de5e91a7f9d90028" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1473", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1473" }, { "reference_url": "https://mail.gnome.org/archives/xml/2016-May/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://mail.gnome.org/archives/xml/2016-May/msg00023.html" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://web.archive.org/web/20160928171015/http://www.securityfocus.com/bid/82071", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160928171015/http://www.securityfocus.com/bid/82071" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3593", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2016/dsa-3593" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/02/03/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2016/02/03/5" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "reference_url": "http://www.ubuntu.com/usn/usn-2994-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-2994-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2994-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-2994-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1304636", "reference_id": "1304636", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1304636" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813613", "reference_id": "813613", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813613" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8806", "reference_id": "CVE-2015-8806", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8806" }, { "reference_url": "https://github.com/advisories/GHSA-7hp2-xwpj-95jq", "reference_id": "GHSA-7hp2-xwpj-95jq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7hp2-xwpj-95jq" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8806", "GHSA-7hp2-xwpj-95jq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-egft-crba-6ubx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38618?format=api", "vulnerability_id": "VCID-eh92-k5tc-vyab", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nlibxml2 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9048.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9048.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00601", "scoring_system": "epss", "scoring_elements": "0.69868", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00601", "scoring_system": "epss", "scoring_elements": "0.69895", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00601", "scoring_system": "epss", "scoring_elements": "0.69908", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00601", "scoring_system": "epss", "scoring_elements": "0.69916", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00601", "scoring_system": "epss", "scoring_elements": "0.69906", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452549", "reference_id": "1452549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452549" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863021", "reference_id": "863021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863021" }, { "reference_url": "http://www.securityfocus.com/bid/98556", "reference_id": "98556", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:40:41Z/" } ], "url": "http://www.securityfocus.com/bid/98556" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9048", "reference_id": "CVE-2017-9048", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9048" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:40:41Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:40:41Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-9048" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eh92-k5tc-vyab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38015?format=api", "vulnerability_id": "VCID-ezzm-sgz4-xbaa", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2073.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2073.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01506", "scoring_system": "epss", "scoring_elements": "0.81497", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01506", "scoring_system": "epss", "scoring_elements": "0.81525", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01506", "scoring_system": "epss", "scoring_elements": "0.81527", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01506", "scoring_system": "epss", "scoring_elements": "0.81524", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01506", "scoring_system": "epss", "scoring_elements": "0.81519", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301928", "reference_id": "1301928", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301928" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812807", "reference_id": "812807", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812807" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2073", "reference_id": "CVE-2016-2073", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2073" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-2073" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ezzm-sgz4-xbaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38112?format=api", "vulnerability_id": "VCID-f8jy-gtg6-x3f2", "summary": "Improper Input Validation\nThe (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3705.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3705.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00881", "scoring_system": "epss", "scoring_elements": "0.75722", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00881", "scoring_system": "epss", "scoring_elements": "0.75749", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00881", "scoring_system": "epss", "scoring_elements": "0.75746", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00881", "scoring_system": "epss", "scoring_elements": "0.75736", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00881", "scoring_system": "epss", "scoring_elements": "0.75724", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332443", "reference_id": "1332443", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332443" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823414", "reference_id": "823414", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823414" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3705", "reference_id": "CVE-2016-3705", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3705" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-3705" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f8jy-gtg6-x3f2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37980?format=api", "vulnerability_id": "VCID-f8q4-hk9r-6be4", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlNextChar function in libxml2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8241.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8241.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00843", "scoring_system": "epss", "scoring_elements": "0.75111", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00843", "scoring_system": "epss", "scoring_elements": "0.7514", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00843", "scoring_system": "epss", "scoring_elements": "0.75143", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00843", "scoring_system": "epss", "scoring_elements": "0.75136", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00843", "scoring_system": "epss", "scoring_elements": "0.75122", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281936", "reference_id": "1281936", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281936" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806384", "reference_id": "806384", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806384" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8241", "reference_id": "CVE-2015-8241", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8241" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f8q4-hk9r-6be4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4833?format=api", "vulnerability_id": "VCID-fda4-67cq-cqg4", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6021.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6021.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6021", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02116", "scoring_system": "epss", "scoring_elements": "0.84463", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02116", "scoring_system": "epss", "scoring_elements": "0.84444", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02116", "scoring_system": "epss", "scoring_elements": "0.8446", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02116", "scoring_system": "epss", "scoring_elements": "0.84456", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6021" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107720", "reference_id": "1107720", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406", "reference_id": "2372406", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926", "reference_id": "926", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926" }, { "reference_url": "https://security.archlinux.org/AVG-2899", "reference_id": "AVG-2899", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2899" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9", "reference_id": "cpe:/a:redhat:discovery:2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1", "reference_id": "cpe:/a:redhat:hummingbird:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9", "reference_id": "cpe:/a:redhat:insights_proxy:1.5::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1", "reference_id": "cpe:/a:redhat:jboss_core_services:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8", "reference_id": "cpe:/a:redhat:openshift:4.12::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9", "reference_id": "cpe:/a:redhat:openshift:4.13::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8", "reference_id": "cpe:/a:redhat:openshift:4.14::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9", "reference_id": "cpe:/a:redhat:openshift:4.14::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9", "reference_id": "cpe:/a:redhat:openshift:4.15::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9", "reference_id": "cpe:/a:redhat:openshift:4.16::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9", "reference_id": "cpe:/a:redhat:openshift:4.17::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9", "reference_id": "cpe:/a:redhat:openshift:4.18::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9", "reference_id": "cpe:/a:redhat:openshift:4.19::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-6021", "reference_id": "CVE-2025-6021", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-6021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10630", "reference_id": "RHSA-2025:10630", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10698", "reference_id": "RHSA-2025:10698", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10699", "reference_id": "RHSA-2025:10699", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11580", "reference_id": "RHSA-2025:11580", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11580" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11673", "reference_id": "RHSA-2025:11673", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:11673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12098", "reference_id": "RHSA-2025:12098", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12099", "reference_id": "RHSA-2025:12099", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12199", "reference_id": "RHSA-2025:12199", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12237", "reference_id": "RHSA-2025:12237", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12239", "reference_id": "RHSA-2025:12239", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12240", "reference_id": "RHSA-2025:12240", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12241", "reference_id": "RHSA-2025:12241", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13267", "reference_id": "RHSA-2025:13267", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13289", "reference_id": "RHSA-2025:13289", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13325", "reference_id": "RHSA-2025:13325", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13335", "reference_id": "RHSA-2025:13335", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13336", "reference_id": "RHSA-2025:13336", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:13336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14059", "reference_id": "RHSA-2025:14059", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:14059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14396", "reference_id": "RHSA-2025:14396", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:14396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15308", "reference_id": "RHSA-2025:15308", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15672", "reference_id": "RHSA-2025:15672", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:15672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19020", "reference_id": "RHSA-2025:19020", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7519", "reference_id": "RHSA-2026:7519", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:7519" }, { "reference_url": "https://usn.ubuntu.com/7694-1/", "reference_id": "USN-7694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-6021" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fda4-67cq-cqg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37972?format=api", "vulnerability_id": "VCID-fn1n-adz5-5fcy", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlGROW function in parser.c in libxml2 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7499.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7499.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72736", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.7272", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72758", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72767", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72749", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7499" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281925", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281925" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da" }, { "reference_url": "https://github.com/advisories/GHSA-jxjr-5h69-qw3w", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jxjr-5h69-qw3w" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-7499.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-7499.yml" }, { "reference_url": "https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM" }, { "reference_url": "https://security.gentoo.org/glsa/201701-37", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "reference_url": "https://web.archive.org/web/20210724022841/http://www.securityfocus.com/bid/79509", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210724022841/http://www.securityfocus.com/bid/79509" }, { "reference_url": "https://web.archive.org/web/20211205133229/https://securitytracker.com/id/1034243", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20211205133229/https://securitytracker.com/id/1034243" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3430", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2834-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-2834-1" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7499", "reference_id": "CVE-2015-7499", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7499" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" }, { "reference_url": "https://usn.ubuntu.com/2875-1/", "reference_id": "USN-2875-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2875-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-7499", "GHSA-jxjr-5h69-qw3w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fn1n-adz5-5fcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39421?format=api", "vulnerability_id": "VCID-frer-xevm-x7f7", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nBuffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7376.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7376.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.38332", "scoring_system": "epss", "scoring_elements": "0.97323", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.38332", "scoring_system": "epss", "scoring_elements": "0.97316", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.38332", "scoring_system": "epss", "scoring_elements": "0.9732", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.38332", "scoring_system": "epss", "scoring_elements": "0.97322", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" }, { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462216", "reference_id": "1462216", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462216" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870865", "reference_id": "870865", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870865" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7376", "reference_id": "CVE-2017-7376", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7376" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-7376" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-frer-xevm-x7f7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37398?format=api", "vulnerability_id": "VCID-fynm-ftmy-47eg", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nlibxml2, as used in Google Chrome, Apple Safari, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4008.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4008.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4008", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00756", "scoring_system": "epss", "scoring_elements": "0.7363", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00756", "scoring_system": "epss", "scoring_elements": "0.73667", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00756", "scoring_system": "epss", "scoring_elements": "0.73671", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00756", "scoring_system": "epss", "scoring_elements": "0.73658", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00756", "scoring_system": "epss", "scoring_elements": "0.73643", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602609", "reference_id": "602609", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602609" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=645341", "reference_id": "645341", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=645341" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4008", "reference_id": "CVE-2010-4008", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4008" }, { "reference_url": "https://security.gentoo.org/glsa/201110-26", "reference_id": "GLSA-201110-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1749", "reference_id": "RHSA-2011:1749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0017", "reference_id": "RHSA-2012:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217", "reference_id": "RHSA-2013:0217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0217" }, { "reference_url": "https://usn.ubuntu.com/1016-1/", "reference_id": "USN-1016-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1016-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4596?format=api", "purl": "pkg:deb/debian/libxml2@2.7.8.dfsg-2%2Bsqueeze8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2rbs-7dzf-wffv" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5rs7-d9hu-rke7" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-7qqd-ze42-ayab" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-b2jx-djjd-rbdx" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-bqh3-eze3-3qbv" }, { "vulnerability": "VCID-brg4-2x5t-akac" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-dmdw-gyj9-2ye5" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jgtz-3gkg-dkbu" }, { "vulnerability": "VCID-jn88-q5mn-37gz" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kmvz-pynk-p7fn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-p8us-th5q-yuey" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rzc3-s4fv-7fhp" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-v22x-mq8p-8qc7" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-xxpz-ak6z-5ufn" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-2%252Bsqueeze8" } ], "aliases": [ "CVE-2010-4008" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fynm-ftmy-47eg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4944?format=api", "vulnerability_id": "VCID-gfk4-86ze-3bdx", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29824.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29824.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22549", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22524", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22617", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22572", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22632", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-29824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxslt/-/tags", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.gnome.org/GNOME/libxslt/-/tags" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010526", "reference_id": "1010526", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010526" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082158", "reference_id": "2082158", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2082158" }, { "reference_url": "https://security.archlinux.org/AVG-2726", "reference_id": "AVG-2726", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2726" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29824", "reference_id": "CVE-2022-29824", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29824" }, { "reference_url": "https://security.gentoo.org/glsa/202210-03", "reference_id": "GLSA-202210-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5250", "reference_id": "RHSA-2022:5250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5317", "reference_id": "RHSA-2022:5317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://usn.ubuntu.com/5422-1/", "reference_id": "USN-5422-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5422-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2022-29824" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gfk4-86ze-3bdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39554?format=api", "vulnerability_id": "VCID-j98t-paam-97ec", "summary": "Allocation of Resources Without Limits or Throttling\nThe xz_head function in xzlib.c in libxml2 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18258.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18258.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18258", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00898", "scoring_system": "epss", "scoring_elements": "0.76025", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00898", "scoring_system": "epss", "scoring_elements": "0.76038", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00898", "scoring_system": "epss", "scoring_elements": "0.76045", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00898", "scoring_system": "epss", "scoring_elements": "0.7602", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18258" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-18258.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-18258.yml" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10284", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10284" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190719-0001", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20190719-0001" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190719-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190719-0001/" }, { "reference_url": "https://usn.ubuntu.com/3739-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3739-1" }, { "reference_url": "https://usn.ubuntu.com/3739-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3739-1/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", "reference_id": "1566749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566749" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895245", "reference_id": "895245", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895245" }, { "reference_url": "https://security.archlinux.org/AVG-671", "reference_id": "AVG-671", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-671" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", "reference_id": "CVE-2017-18258", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18258" }, { "reference_url": "https://github.com/advisories/GHSA-882p-jqgm-f45g", "reference_id": "GHSA-882p-jqgm-f45g", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-882p-jqgm-f45g" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1190", "reference_id": "RHSA-2020:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1190" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2017-18258", "GHSA-882p-jqgm-f45g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j98t-paam-97ec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77990?format=api", "vulnerability_id": "VCID-jgtz-3gkg-dkbu", "summary": "Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3919.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3919.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03188", "scoring_system": "epss", "scoring_elements": "0.87212", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03188", "scoring_system": "epss", "scoring_elements": "0.87235", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03188", "scoring_system": "epss", "scoring_elements": "0.87232", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03188", "scoring_system": "epss", "scoring_elements": "0.8723", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.03188", "scoring_system": "epss", "scoring_elements": "0.87226", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656377", "reference_id": "656377", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656377" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=771896", "reference_id": "771896", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=771896" }, { "reference_url": "https://security.gentoo.org/glsa/201202-09", "reference_id": "GLSA-201202-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201202-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0016", "reference_id": "RHSA-2012:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0017", "reference_id": "RHSA-2012:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0018", "reference_id": "RHSA-2012:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0104", "reference_id": "RHSA-2012:0104", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0104" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217", "reference_id": "RHSA-2013:0217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0217" }, { "reference_url": "https://usn.ubuntu.com/1334-1/", "reference_id": "USN-1334-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1334-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "CVE-2011-3919" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jgtz-3gkg-dkbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37415?format=api", "vulnerability_id": "VCID-jn88-q5mn-37gz", "summary": "Integer Overflow\nInteger overflow in xpath.c in libxml2, and libxml, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1944.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1944.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1944", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.96094", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.96099", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.96102", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.23686", "scoring_system": "epss", "scoring_elements": "0.96103", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628537", "reference_id": "628537", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628537" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=709747", "reference_id": "709747", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=709747" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1944", "reference_id": "CVE-2011-1944", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1944" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35810.txt", "reference_id": "CVE-2011-1944;OSVDB-73248", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35810.txt" }, { "reference_url": "https://www.securityfocus.com/bid/48056/info", "reference_id": "CVE-2011-1944;OSVDB-73248", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/48056/info" }, { "reference_url": "https://security.gentoo.org/glsa/201110-26", "reference_id": "GLSA-201110-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1749", "reference_id": "RHSA-2011:1749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0017", "reference_id": "RHSA-2012:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217", "reference_id": "RHSA-2013:0217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0217" }, { "reference_url": "https://usn.ubuntu.com/1153-1/", "reference_id": "USN-1153-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1153-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "CVE-2011-1944" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jn88-q5mn-37gz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38622?format=api", "vulnerability_id": "VCID-jtkn-83hh-x3et", "summary": "Out-of-bounds Read\nlibxml2 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9050.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9050.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54795", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54814", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54821", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54811", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54753", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1673", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1673" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://security.gentoo.org/glsa/201711-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/" } ], "url": "https://security.gentoo.org/glsa/201711-01" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3952", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/" } ], "url": "http://www.debian.org/security/2017/dsa-3952" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/05/15/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2017/05/15/1" }, { "reference_url": "http://www.securityfocus.com/bid/98568", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/" } ], "url": "http://www.securityfocus.com/bid/98568" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452553", "reference_id": "1452553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452553" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863018", "reference_id": "863018", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863018" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9050", "reference_id": "CVE-2017-9050", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9050" }, { "reference_url": "https://github.com/advisories/GHSA-8c56-cpmw-89x7", "reference_id": "GHSA-8c56-cpmw-89x7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8c56-cpmw-89x7" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_id": "rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-9050", "GHSA-8c56-cpmw-89x7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jtkn-83hh-x3et" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78006?format=api", "vulnerability_id": "VCID-jwft-4pxx-5ydg", "summary": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46506", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46552", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46532", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098321", "reference_id": "1098321", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098321" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346421", "reference_id": "2346421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346421" }, { "reference_url": "https://issues.oss-fuzz.com/issues/392687022", "reference_id": "392687022", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T03:55:31Z/" } ], "url": "https://issues.oss-fuzz.com/issues/392687022" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847", "reference_id": "847", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T03:55:31Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2482", "reference_id": "RHSA-2025:2482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2483", "reference_id": "RHSA-2025:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2507", "reference_id": "RHSA-2025:2507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2513", "reference_id": "RHSA-2025:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2654", "reference_id": "RHSA-2025:2654", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2654" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2660", "reference_id": "RHSA-2025:2660", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2660" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2673", "reference_id": "RHSA-2025:2673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2678", "reference_id": "RHSA-2025:2678", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2678" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2679", "reference_id": "RHSA-2025:2679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2686", "reference_id": "RHSA-2025:2686", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2686" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2789", "reference_id": "RHSA-2025:2789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3055", "reference_id": "RHSA-2025:3055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3297", "reference_id": "RHSA-2025:3297", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3297" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3368", "reference_id": "RHSA-2025:3368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3397", "reference_id": "RHSA-2025:3397", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3397" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3453", "reference_id": "RHSA-2025:3453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3569", "reference_id": "RHSA-2025:3569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3775", "reference_id": "RHSA-2025:3775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3780", "reference_id": "RHSA-2025:3780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3867", "reference_id": "RHSA-2025:3867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4005", "reference_id": "RHSA-2025:4005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9895", "reference_id": "RHSA-2025:9895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9895" }, { "reference_url": "https://usn.ubuntu.com/7302-1/", "reference_id": "USN-7302-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7302-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-24928" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jwft-4pxx-5ydg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51498?format=api", "vulnerability_id": "VCID-jxz3-ug52-cuhn", "summary": "libxml2 2.9.10 has an infinite loop in a certain end-of-file situation\nNokogiri has backported the patch for CVE-2020-7595 into its vendored version\nof libxml2, and released this as v1.10.8\n\nCVE-2020-7595 has not yet been addressed in an upstream libxml2 release, and\nso Nokogiri versions <= v1.10.7 are vulnerable.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7595.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7595.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7595", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00476", "scoring_system": "epss", "scoring_elements": "0.65244", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00476", "scoring_system": "epss", "scoring_elements": "0.65285", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00476", "scoring_system": "epss", "scoring_elements": "0.65273", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00476", "scoring_system": "epss", "scoring_elements": "0.65284", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00476", "scoring_system": "epss", "scoring_elements": "0.65296", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-7595" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2020-7595.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2020-7595.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1992", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1992" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/" }, { "reference_url": "https://security.gentoo.org/glsa/202010-04", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://security.gentoo.org/glsa/202010-04" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200702-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20200702-0005" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20200702-0005/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20200702-0005/" }, { "reference_url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08" }, { "reference_url": "https://usn.ubuntu.com/4274-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/4274-1" }, { "reference_url": "https://usn.ubuntu.com/4274-1/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://usn.ubuntu.com/4274-1/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799786", "reference_id": "1799786", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1799786" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/", "reference_id": "545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/", "reference_id": "5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949582", "reference_id": "949582", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949582" }, { "reference_url": "https://security.archlinux.org/ASA-202011-15", "reference_id": "ASA-202011-15", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202011-15" }, { "reference_url": "https://security.archlinux.org/AVG-1263", "reference_id": "AVG-1263", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1263" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7595", "reference_id": "CVE-2020-7595", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7595" }, { "reference_url": "https://github.com/advisories/GHSA-7553-jr98-vx47", "reference_id": "GHSA-7553-jr98-vx47", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7553-jr98-vx47" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/", "reference_id": "JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2644", "reference_id": "RHSA-2020:2644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:2646", "reference_id": "RHSA-2020:2646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:2646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3996", "reference_id": "RHSA-2020:3996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4479", "reference_id": "RHSA-2020:4479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0949", "reference_id": "RHSA-2021:0949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0949" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2020-7595", "GHSA-7553-jr98-vx47" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jxz3-ug52-cuhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77975?format=api", "vulnerability_id": "VCID-kb3k-r616-6fht", "summary": "Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4225.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4225.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4225", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04915", "scoring_system": "epss", "scoring_elements": "0.89787", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04915", "scoring_system": "epss", "scoring_elements": "0.89803", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.04915", "scoring_system": "epss", "scoring_elements": "0.89805", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4225" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=470480", "reference_id": "470480", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=470480" }, { "reference_url": "https://security.gentoo.org/glsa/200812-06", "reference_id": "GLSA-200812-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0988", "reference_id": "RHSA-2008:0988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0988" }, { "reference_url": "https://usn.ubuntu.com/673-1/", "reference_id": "USN-673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/673-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4595?format=api", "purl": "pkg:deb/debian/libxml2@2.6.32.dfsg-5%2Blenny5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2rbs-7dzf-wffv" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5rs7-d9hu-rke7" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-7qqd-ze42-ayab" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-b2jx-djjd-rbdx" }, { "vulnerability": "VCID-b37v-a8em-gkfr" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-bqh3-eze3-3qbv" }, { "vulnerability": "VCID-brg4-2x5t-akac" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-dmdw-gyj9-2ye5" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-fynm-ftmy-47eg" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jgtz-3gkg-dkbu" }, { "vulnerability": "VCID-jn88-q5mn-37gz" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kmvz-pynk-p7fn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-p8us-th5q-yuey" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rzc3-s4fv-7fhp" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-uqus-6prc-w7dh" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-v22x-mq8p-8qc7" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-xse1-pmep-nqdc" }, { "vulnerability": "VCID-xxpz-ak6z-5ufn" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.32.dfsg-5%252Blenny5" } ], "aliases": [ "CVE-2008-4225" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kb3k-r616-6fht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38119?format=api", "vulnerability_id": "VCID-kg69-mhxs-tkcx", "summary": "Out-of-bounds Read\nThe xmlDictAddString function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1839.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.89369", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.89388", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.89387", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.04546", "scoring_system": "epss", "scoring_elements": "0.89386", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338703", "reference_id": "1338703", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338703" }, { "reference_url": "https://code.google.com/p/google-security-research/issues/detail?id=637", "reference_id": "CVE-2016-1839", "reference_type": "exploit", "scores": [], "url": "https://code.google.com/p/google-security-research/issues/detail?id=637" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39491.txt", "reference_id": "CVE-2016-1839", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39491.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1839", "reference_id": "CVE-2016-1839", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1839" ], "risk_score": 6.4, "exploitability": "2.0", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kg69-mhxs-tkcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77973?format=api", "vulnerability_id": "VCID-kg71-czqe-v7g5", "summary": "Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3529.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3529.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3529", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.56626", "scoring_system": "epss", "scoring_elements": "0.98161", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.56626", "scoring_system": "epss", "scoring_elements": "0.98163", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.56626", "scoring_system": "epss", "scoring_elements": "0.98162", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=461015", "reference_id": "461015", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=461015" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498768", "reference_id": "498768", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498768" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/8798.rb", "reference_id": "CVE-2008-3529;OSVDB-48158", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/8798.rb" }, { "reference_url": "https://security.gentoo.org/glsa/200812-06", "reference_id": "GLSA-200812-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0884", "reference_id": "RHSA-2008:0884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0886", "reference_id": "RHSA-2008:0886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0886" }, { "reference_url": "https://usn.ubuntu.com/644-1/", "reference_id": "USN-644-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/644-1/" }, { "reference_url": "https://usn.ubuntu.com/815-1/", "reference_id": "USN-815-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/815-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4595?format=api", "purl": "pkg:deb/debian/libxml2@2.6.32.dfsg-5%2Blenny5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2rbs-7dzf-wffv" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5rs7-d9hu-rke7" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-7qqd-ze42-ayab" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-b2jx-djjd-rbdx" }, { "vulnerability": "VCID-b37v-a8em-gkfr" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-bqh3-eze3-3qbv" }, { "vulnerability": "VCID-brg4-2x5t-akac" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-dmdw-gyj9-2ye5" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-fynm-ftmy-47eg" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jgtz-3gkg-dkbu" }, { "vulnerability": "VCID-jn88-q5mn-37gz" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kmvz-pynk-p7fn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-p8us-th5q-yuey" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rzc3-s4fv-7fhp" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-uqus-6prc-w7dh" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-v22x-mq8p-8qc7" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-xse1-pmep-nqdc" }, { "vulnerability": "VCID-xxpz-ak6z-5ufn" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.32.dfsg-5%252Blenny5" } ], "aliases": [ "CVE-2008-3529" ], "risk_score": 1.0, "exploitability": "2.0", "weighted_severity": "0.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kg71-czqe-v7g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37536?format=api", "vulnerability_id": "VCID-kmvz-pynk-p7fn", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nlibxml2 allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka \"internal entity expansion\" with linear complexity.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0338.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0338.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71779", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71818", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71825", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71801", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71787", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0338" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702260", "reference_id": "702260", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702260" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=912400", "reference_id": "912400", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=912400" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0338", "reference_id": "CVE-2013-0338", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0338" }, { "reference_url": "https://security.gentoo.org/glsa/201311-06", "reference_id": "GLSA-201311-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-06" }, { "reference_url": "https://security.gentoo.org/glsa/201412-11", "reference_id": "GLSA-201412-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0581", "reference_id": "RHSA-2013:0581", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0581" }, { "reference_url": "https://usn.ubuntu.com/1782-1/", "reference_id": "USN-1782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1782-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "CVE-2013-0338" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kmvz-pynk-p7fn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/45037?format=api", "vulnerability_id": "VCID-kvkp-bve3-bqh7", "summary": "Double Free\nAn issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\\0' value).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29469.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29469.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29469", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36117", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.4467", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44723", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44701", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/510", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:02:27Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/510" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:02:27Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:02:27Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html" }, { "reference_url": "https://nokogiri.org/CHANGELOG.html#1143-2023-04-11", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nokogiri.org/CHANGELOG.html#1143-2023-04-11" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034437", "reference_id": "1034437", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034437" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185984", "reference_id": "2185984", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185984" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29469", "reference_id": "CVE-2023-29469", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29469" }, { "reference_url": "https://security.gentoo.org/glsa/202402-11", "reference_id": "GLSA-202402-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-11" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230601-0006/", "reference_id": "ntap-20230601-0006", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:02:27Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230601-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4349", "reference_id": "RHSA-2023:4349", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4529", "reference_id": "RHSA-2023:4529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4628", "reference_id": "RHSA-2023:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0413", "reference_id": "RHSA-2024:0413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0413" }, { "reference_url": "https://usn.ubuntu.com/6028-1/", "reference_id": "USN-6028-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6028-1/" }, { "reference_url": "https://usn.ubuntu.com/6028-2/", "reference_id": "USN-6028-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6028-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2023-29469" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kvkp-bve3-bqh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4779?format=api", "vulnerability_id": "VCID-m8d1-5qex-huf8", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5131.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5131.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0369", "scoring_system": "epss", "scoring_elements": "0.88168", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0369", "scoring_system": "epss", "scoring_elements": "0.88169", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0369", "scoring_system": "epss", "scoring_elements": "0.88144", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0369", "scoring_system": "epss", "scoring_elements": "0.88165", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1707", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1707" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5127", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5127" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5129", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5129" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5130", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5130" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5133", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5133" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5134", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5134" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5136", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5136" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5137" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1036428", "reference_id": "1036428", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://www.securitytracker.com/id/1036428" }, { "reference_url": "http://www.securitytracker.com/id/1038623", "reference_id": "1038623", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://www.securitytracker.com/id/1038623" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", "reference_id": "1358641", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358641" }, { "reference_url": "https://source.android.com/security/bulletin/2017-05-01", "reference_id": "2017-05-01", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://source.android.com/security/bulletin/2017-05-01" }, { "reference_url": "https://codereview.chromium.org/2127493002", "reference_id": "2127493002", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://codereview.chromium.org/2127493002" }, { "reference_url": "https://crbug.com/623378", "reference_id": "623378", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://crbug.com/623378" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840554", "reference_id": "840554", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840554" }, { "reference_url": "http://www.securityfocus.com/bid/92053", "reference_id": "92053", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://www.securityfocus.com/bid/92053" }, { "reference_url": "https://security.archlinux.org/ASA-201611-2", "reference_id": "ASA-201611-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-2" }, { "reference_url": "https://security.archlinux.org/AVG-56", "reference_id": "AVG-56", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-56" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", "reference_id": "CVE-2016-5131", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5131" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3637", "reference_id": "dsa-3637", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://www.debian.org/security/2016/dsa-3637" }, { "reference_url": "https://security.gentoo.org/glsa/201610-09", "reference_id": "GLSA-201610-09", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "https://security.gentoo.org/glsa/201610-09" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html", "reference_id": "msg00020.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1485", "reference_id": "RHSA-2016:1485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1485" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1485.html", "reference_id": "RHSA-2016-1485.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1485.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1190", "reference_id": "RHSA-2020:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1190" }, { "reference_url": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", "reference_id": "stable-channel-update.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html" }, { "reference_url": "https://usn.ubuntu.com/3041-1/", "reference_id": "USN-3041-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3041-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3041-1", "reference_id": "USN-3041-1", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/" } ], "url": "http://www.ubuntu.com/usn/USN-3041-1" }, { "reference_url": "https://usn.ubuntu.com/3235-1/", "reference_id": "USN-3235-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3235-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-5131" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m8d1-5qex-huf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39177?format=api", "vulnerability_id": "VCID-m91c-mfu9-bbbh", "summary": "Loop with Unreachable Exit Condition ('Infinite Loop')\nparser.c in libxml2 does not prevent infinite recursion in parameter entities.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16932.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16932.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21755", "scoring_system": "epss", "scoring_elements": "0.95857", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.21755", "scoring_system": "epss", "scoring_elements": "0.95853", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.21755", "scoring_system": "epss", "scoring_elements": "0.95849", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16932" }, { "reference_url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=759579", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=759579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-16932.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-16932.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1714", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1714" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html" }, { "reference_url": "https://usn.ubuntu.com/3739-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3739-1" }, { "reference_url": "https://usn.ubuntu.com/3739-1/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://usn.ubuntu.com/3739-1/" }, { "reference_url": "https://usn.ubuntu.com/usn/usn-3504-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/usn/usn-3504-1/" }, { "reference_url": "http://xmlsoft.org/news.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "http://xmlsoft.org/news.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517316", "reference_id": "1517316", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517316" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882613", "reference_id": "882613", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882613" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961", "reference_id": "899a5d9f0ed13b8e32449a08a361e0de127dd961", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16932", "reference_id": "CVE-2017-16932", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16932" }, { "reference_url": "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html", "reference_id": "CVE-2017-16932.HTML", "reference_type": "", "scores": [], "url": "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html" }, { "reference_url": "https://github.com/advisories/GHSA-x2fm-93ww-ggvx", "reference_id": "GHSA-x2fm-93ww-ggvx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x2fm-93ww-ggvx" }, { "reference_url": "https://usn.ubuntu.com/3504-1/", "reference_id": "USN-3504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3504-1/" }, { "reference_url": "https://usn.ubuntu.com/3504-2/", "reference_id": "USN-3504-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3504-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2017-16932", "GHSA-x2fm-93ww-ggvx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m91c-mfu9-bbbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77998?format=api", "vulnerability_id": "VCID-msku-25sz-rbeg", "summary": "A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0663.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0663.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00893", "scoring_system": "epss", "scoring_elements": "0.75948", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00893", "scoring_system": "epss", "scoring_elements": "0.75951", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00893", "scoring_system": "epss", "scoring_elements": "0.75973", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00893", "scoring_system": "epss", "scoring_elements": "0.75965", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00893", "scoring_system": "epss", "scoring_elements": "0.75974", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462225", "reference_id": "1462225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462225" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870870", "reference_id": "870870", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870870" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-0663" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-msku-25sz-rbeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37768?format=api", "vulnerability_id": "VCID-ne9k-m48b-13cu", "summary": "Uncontrolled Resource Consumption\nparser.c in libxml2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the \"billion laughs\" attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3660.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3660.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3660", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03894", "scoring_system": "epss", "scoring_elements": "0.88476", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03894", "scoring_system": "epss", "scoring_elements": "0.88494", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03894", "scoring_system": "epss", "scoring_elements": "0.88496", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03894", "scoring_system": "epss", "scoring_elements": "0.88495", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3660" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1149084", "reference_id": "1149084", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1149084" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765722", "reference_id": "765722", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765722" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3660", "reference_id": "CVE-2014-3660", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3660" }, { "reference_url": "https://security.gentoo.org/glsa/201412-06", "reference_id": "GLSA-201412-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1655", "reference_id": "RHSA-2014:1655", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1655" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1885", "reference_id": "RHSA-2014:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1885" }, { "reference_url": "https://usn.ubuntu.com/2389-1/", "reference_id": "USN-2389-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2389-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2014-3660" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ne9k-m48b-13cu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77983?format=api", "vulnerability_id": "VCID-p8us-th5q-yuey", "summary": "Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2821.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2821.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2821", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01915", "scoring_system": "epss", "scoring_elements": "0.83642", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01915", "scoring_system": "epss", "scoring_elements": "0.83666", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01915", "scoring_system": "epss", "scoring_elements": "0.83663", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01915", "scoring_system": "epss", "scoring_elements": "0.83655", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2821" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643648", "reference_id": "643648", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643648" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=735712", "reference_id": "735712", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=735712" }, { "reference_url": "https://security.gentoo.org/glsa/201110-26", "reference_id": "GLSA-201110-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1749", "reference_id": "RHSA-2011:1749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217", "reference_id": "RHSA-2013:0217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0217" }, { "reference_url": "https://usn.ubuntu.com/1334-1/", "reference_id": "USN-1334-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1334-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "CVE-2011-2821" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p8us-th5q-yuey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78003?format=api", "vulnerability_id": "VCID-pdus-4wua-fucn", "summary": "An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34459.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34459.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34459", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04197", "scoring_system": "epss", "scoring_elements": "0.88936", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.04197", "scoring_system": "epss", "scoring_elements": "0.88937", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-34459" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071162", "reference_id": "1071162", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071162" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280532", "reference_id": "2280532", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280532" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/", "reference_id": "5HVUXKYTBWT3G5DEEQX62STJQBY367NL", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/", "reference_id": "INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/" }, { "reference_url": "https://usn.ubuntu.com/7240-1/", "reference_id": "USN-7240-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7240-1/" }, { "reference_url": "https://usn.ubuntu.com/7302-1/", "reference_id": "USN-7302-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7302-1/" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8", "reference_id": "v2.11.8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7", "reference_id": "v2.12.7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/", "reference_id": "VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2024-34459" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pdus-4wua-fucn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37973?format=api", "vulnerability_id": "VCID-pgfh-4snq-pbe6", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8242.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8242.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8242", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.76986", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.77019", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.77028", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.77016", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00972", "scoring_system": "epss", "scoring_elements": "0.77005", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8242" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281950", "reference_id": "1281950", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281950" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805146", "reference_id": "805146", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805146" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8242", "reference_id": "CVE-2015-8242", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8242" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pgfh-4snq-pbe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38113?format=api", "vulnerability_id": "VCID-q1rm-fyhj-kbfu", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1840.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1840.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81964", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81998", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81999", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.82", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81993", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338706", "reference_id": "1338706", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338706" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1840", "reference_id": "CVE-2016-1840", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1840" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q1rm-fyhj-kbfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38137?format=api", "vulnerability_id": "VCID-q736-5feg-q3h2", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseElementDecl function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4447.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02658", "scoring_system": "epss", "scoring_elements": "0.86061", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02658", "scoring_system": "epss", "scoring_elements": "0.86082", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02658", "scoring_system": "epss", "scoring_elements": "0.86086", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02658", "scoring_system": "epss", "scoring_elements": "0.86081", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02658", "scoring_system": "epss", "scoring_elements": "0.8607", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338686", "reference_id": "1338686", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338686" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4447", "reference_id": "CVE-2016-4447", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-4447" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q736-5feg-q3h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78000?format=api", "vulnerability_id": "VCID-qa31-1xtw-ybdg", "summary": "An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40303.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40303.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-40303", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45889", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45914", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45957", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45961", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.4594", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-40303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3" }, { "reference_url": "https://nokogiri.org/CHANGELOG.html#1139-2022-10-18", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nokogiri.org/CHANGELOG.html#1139-2022-10-18" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022224", "reference_id": "1022224", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022224" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/21", "reference_id": "21", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/21" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136266", "reference_id": "2136266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2136266" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/24", "reference_id": "24", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/24" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/25", "reference_id": "25", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/25" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/26", "reference_id": "26", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/26" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/Dec/27", "reference_id": "27", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "http://seclists.org/fulldisclosure/2022/Dec/27" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40303", "reference_id": "CVE-2022-40303", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40303" }, { "reference_url": "https://security.gentoo.org/glsa/202210-39", "reference_id": "GLSA-202210-39", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-39" }, { "reference_url": "https://support.apple.com/kb/HT213531", "reference_id": "HT213531", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://support.apple.com/kb/HT213531" }, { "reference_url": "https://support.apple.com/kb/HT213533", "reference_id": "HT213533", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://support.apple.com/kb/HT213533" }, { "reference_url": "https://support.apple.com/kb/HT213534", "reference_id": "HT213534", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://support.apple.com/kb/HT213534" }, { "reference_url": "https://support.apple.com/kb/HT213535", "reference_id": "HT213535", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://support.apple.com/kb/HT213535" }, { "reference_url": "https://support.apple.com/kb/HT213536", "reference_id": "HT213536", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://support.apple.com/kb/HT213536" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221209-0003/", "reference_id": "ntap-20221209-0003", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221209-0003/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8841", "reference_id": "RHSA-2022:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0173", "reference_id": "RHSA-2023:0173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0338", "reference_id": "RHSA-2023:0338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0413", "reference_id": "RHSA-2024:0413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0413" }, { "reference_url": "https://usn.ubuntu.com/5760-1/", "reference_id": "USN-5760-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5760-1/" }, { "reference_url": "https://usn.ubuntu.com/5760-2/", "reference_id": "USN-5760-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5760-2/" }, { "reference_url": "https://usn.ubuntu.com/7659-1/", "reference_id": "USN-7659-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7659-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2022-40303" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qa31-1xtw-ybdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46942?format=api", "vulnerability_id": "VCID-qv2p-47xc-eqc6", "summary": "Use After Free\nWhen using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25062.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25062.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25062", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37265", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.3733", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37335", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37302", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/604", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T17:35:33Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/604" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063234", "reference_id": "1063234", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063234" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262726", "reference_id": "2262726", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262726" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25062", "reference_id": "CVE-2024-25062", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25062" }, { "reference_url": "https://security.gentoo.org/glsa/202402-11", "reference_id": "GLSA-202402-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1317", "reference_id": "RHSA-2024:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2679", "reference_id": "RHSA-2024:2679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3299", "reference_id": "RHSA-2024:3299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3303", "reference_id": "RHSA-2024:3303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3625", "reference_id": "RHSA-2024:3625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3626", "reference_id": "RHSA-2024:3626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3626" }, { "reference_url": "https://usn.ubuntu.com/6658-1/", "reference_id": "USN-6658-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6658-1/" }, { "reference_url": "https://usn.ubuntu.com/6658-2/", "reference_id": "USN-6658-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6658-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2024-25062" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qv2p-47xc-eqc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78002?format=api", "vulnerability_id": "VCID-r3xn-5u5y-hbdw", "summary": "xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49043.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49043.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-49043", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.4481", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44836", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44879", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44886", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44865", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-49043" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49043", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49043" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094238", "reference_id": "1094238", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094238" }, { "reference_url": "https://github.com/php/php-src/issues/17467", "reference_id": "17467", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-27T14:52:22Z/" } ], "url": "https://github.com/php/php-src/issues/17467" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342118", "reference_id": "2342118", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342118" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b", "reference_id": "5a19e21605398cef6a8b1452477a8705cb41562b", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-27T14:52:22Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1350", "reference_id": "RHSA-2025:1350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1487", "reference_id": "RHSA-2025:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1516", "reference_id": "RHSA-2025:1516", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1516" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1517", "reference_id": "RHSA-2025:1517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1925", "reference_id": "RHSA-2025:1925", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1925" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2507", "reference_id": "RHSA-2025:2507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2678", "reference_id": "RHSA-2025:2678", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2678" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3775", "reference_id": "RHSA-2025:3775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3798", "reference_id": "RHSA-2025:3798", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3798" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4409", "reference_id": "RHSA-2025:4409", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4422", "reference_id": "RHSA-2025:4422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4677", "reference_id": "RHSA-2025:4677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7702", "reference_id": "RHSA-2025:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7702" }, { "reference_url": "https://usn.ubuntu.com/7240-1/", "reference_id": "USN-7240-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7240-1/" }, { "reference_url": "https://usn.ubuntu.com/7302-1/", "reference_id": "USN-7302-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7302-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2022-49043" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r3xn-5u5y-hbdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77980?format=api", "vulnerability_id": "VCID-rzc3-s4fv-7fhp", "summary": "Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0216.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0216.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0216", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03971", "scoring_system": "epss", "scoring_elements": "0.88593", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03971", "scoring_system": "epss", "scoring_elements": "0.88611", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.03971", "scoring_system": "epss", "scoring_elements": "0.88612", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03971", "scoring_system": "epss", "scoring_elements": "0.8861", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0216" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0216", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0216" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652352", "reference_id": "652352", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652352" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=724906", "reference_id": "724906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=724906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1749", "reference_id": "RHSA-2011:1749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0016", "reference_id": "RHSA-2012:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0017", "reference_id": "RHSA-2012:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217", "reference_id": "RHSA-2013:0217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0217" }, { "reference_url": "https://usn.ubuntu.com/1334-1/", "reference_id": "USN-1334-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1334-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "CVE-2011-0216" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rzc3-s4fv-7fhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3271?format=api", "vulnerability_id": "VCID-tn6n-x8d3-jqd3", "summary": "denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6170.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6170.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6170", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13011", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12886", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12972", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13008", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6170" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6170" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107938", "reference_id": "1107938", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107938" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372952", "reference_id": "2372952", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:05:03Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372952" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/941", "reference_id": "941", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:05:03Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/941" }, { "reference_url": "https://security.archlinux.org/AVG-2898", "reference_id": "AVG-2898", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2898" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1", "reference_id": "cpe:/a:redhat:hummingbird:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1", "reference_id": "cpe:/a:redhat:jboss_core_services:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-6170", "reference_id": "CVE-2025-6170", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:05:03Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-6170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7519", "reference_id": "RHSA-2026:7519", "reference_type": "", "scores": [ { "value": "2.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:05:03Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:7519" }, { "reference_url": "https://usn.ubuntu.com/7694-1/", "reference_id": "USN-7694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-6170" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tn6n-x8d3-jqd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77996?format=api", "vulnerability_id": "VCID-tt91-8gv4-3qh9", "summary": "Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1835.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1835.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02749", "scoring_system": "epss", "scoring_elements": "0.86269", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02749", "scoring_system": "epss", "scoring_elements": "0.86291", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02749", "scoring_system": "epss", "scoring_elements": "0.86293", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02749", "scoring_system": "epss", "scoring_elements": "0.86289", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02749", "scoring_system": "epss", "scoring_elements": "0.86278", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338691", "reference_id": "1338691", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338691" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1835" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tt91-8gv4-3qh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77976?format=api", "vulnerability_id": "VCID-tvkx-4rem-wydk", "summary": "Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4226.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4226.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4226", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07959", "scoring_system": "epss", "scoring_elements": "0.9221", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.07959", "scoring_system": "epss", "scoring_elements": "0.92222", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.07959", "scoring_system": "epss", "scoring_elements": "0.9222", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.07959", "scoring_system": "epss", "scoring_elements": "0.92218", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.07959", "scoring_system": "epss", "scoring_elements": "0.92219", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=470466", "reference_id": "470466", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=470466" }, { "reference_url": "https://security.gentoo.org/glsa/200812-06", "reference_id": "GLSA-200812-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0988", "reference_id": "RHSA-2008:0988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0988" }, { "reference_url": "https://usn.ubuntu.com/673-1/", "reference_id": "USN-673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/673-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4595?format=api", "purl": "pkg:deb/debian/libxml2@2.6.32.dfsg-5%2Blenny5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2rbs-7dzf-wffv" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5rs7-d9hu-rke7" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-7qqd-ze42-ayab" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-b2jx-djjd-rbdx" }, { "vulnerability": "VCID-b37v-a8em-gkfr" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-bqh3-eze3-3qbv" }, { "vulnerability": "VCID-brg4-2x5t-akac" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-dmdw-gyj9-2ye5" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-fynm-ftmy-47eg" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jgtz-3gkg-dkbu" }, { "vulnerability": "VCID-jn88-q5mn-37gz" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kmvz-pynk-p7fn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-p8us-th5q-yuey" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rzc3-s4fv-7fhp" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-uqus-6prc-w7dh" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-v22x-mq8p-8qc7" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-xse1-pmep-nqdc" }, { "vulnerability": "VCID-xxpz-ak6z-5ufn" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.32.dfsg-5%252Blenny5" } ], "aliases": [ "CVE-2008-4226" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tvkx-4rem-wydk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38069?format=api", "vulnerability_id": "VCID-u795-5dzy-gkbs", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8710.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8710.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89558", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89576", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89575", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.04711", "scoring_system": "epss", "scoring_elements": "0.89573", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213957", "reference_id": "1213957", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1213957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782985", "reference_id": "782985", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782985" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8710", "reference_id": "CVE-2015-8710", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2875-1/", "reference_id": "USN-2875-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2875-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8710" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u795-5dzy-gkbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4339?format=api", "vulnerability_id": "VCID-ueh5-fv4d-a7a8", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15412.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15412.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15412", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02535", "scoring_system": "epss", "scoring_elements": "0.85726", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02535", "scoring_system": "epss", "scoring_elements": "0.85731", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02535", "scoring_system": "epss", "scoring_elements": "0.85747", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02535", "scoring_system": "epss", "scoring_elements": "0.8575", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02535", "scoring_system": "epss", "scoring_elements": "0.85748", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15412" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=783160", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=783160" }, { "reference_url": "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html" }, { "reference_url": "https://crbug.com/727039", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://crbug.com/727039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-15412.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-15412.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/issues/1714", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/issues/1714" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html" }, { "reference_url": "https://security.gentoo.org/glsa/201801-03", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/201801-03" }, { "reference_url": "https://web.archive.org/web/20201208155618/http://www.securitytracker.com/id/1040348", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201208155618/http://www.securitytracker.com/id/1040348" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4086", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2018/dsa-4086" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", "reference_id": "1523128", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523128" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883790", "reference_id": "883790", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883790" }, { "reference_url": "https://security.archlinux.org/ASA-201712-5", "reference_id": "ASA-201712-5", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201712-5" }, { "reference_url": "https://security.archlinux.org/AVG-544", "reference_id": "AVG-544", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-544" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", "reference_id": "CVE-2017-15412", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15412" }, { "reference_url": "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html", "reference_id": "CVE-2017-15412.HTML", "reference_type": "", "scores": [], "url": "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html" }, { "reference_url": "https://github.com/advisories/GHSA-r58r-74gx-6wx3", "reference_id": "GHSA-r58r-74gx-6wx3", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r58r-74gx-6wx3" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3401", "reference_id": "RHSA-2017:3401", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0287", "reference_id": "RHSA-2018:0287", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1190", "reference_id": "RHSA-2020:1190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1190" }, { "reference_url": "https://usn.ubuntu.com/3513-1/", "reference_id": "USN-3513-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3513-1/" }, { "reference_url": "https://usn.ubuntu.com/3513-2/", "reference_id": "USN-3513-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3513-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-15412", "GHSA-r58r-74gx-6wx3" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ueh5-fv4d-a7a8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78008?format=api", "vulnerability_id": "VCID-uehj-g87n-sfcf", "summary": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32414.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32414.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32414", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10452", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10555", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10577", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10538", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102521", "reference_id": "1102521", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102521" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121", "reference_id": "2358121", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12098", "reference_id": "RHSA-2025:12098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12237", "reference_id": "RHSA-2025:12237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12239", "reference_id": "RHSA-2025:12239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12240", "reference_id": "RHSA-2025:12240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12241", "reference_id": "RHSA-2025:12241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13428", "reference_id": "RHSA-2025:13428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13429", "reference_id": "RHSA-2025:13429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13677", "reference_id": "RHSA-2025:13677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13681", "reference_id": "RHSA-2025:13681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13683", "reference_id": "RHSA-2025:13683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13684", "reference_id": "RHSA-2025:13684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14059", "reference_id": "RHSA-2025:14059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14644", "reference_id": "RHSA-2025:14644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14818", "reference_id": "RHSA-2025:14818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14819", "reference_id": "RHSA-2025:14819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14853", "reference_id": "RHSA-2025:14853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14858", "reference_id": "RHSA-2025:14858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15308", "reference_id": "RHSA-2025:15308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15672", "reference_id": "RHSA-2025:15672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16159", "reference_id": "RHSA-2025:16159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22529", "reference_id": "RHSA-2025:22529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8958", "reference_id": "RHSA-2025:8958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7519", "reference_id": "RHSA-2026:7519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7519" }, { "reference_url": "https://usn.ubuntu.com/7467-1/", "reference_id": "USN-7467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7467-1/" }, { "reference_url": "https://usn.ubuntu.com/7467-2/", "reference_id": "USN-7467-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7467-2/" }, { "reference_url": "https://usn.ubuntu.com/7896-1/", "reference_id": "USN-7896-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7896-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-32414" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uehj-g87n-sfcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78005?format=api", "vulnerability_id": "VCID-up1g-mjyj-pub4", "summary": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56171.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56171.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56171", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39775", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39825", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39828", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39802", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56171" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098320", "reference_id": "1098320", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098320" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346416", "reference_id": "2346416", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346416" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828", "reference_id": "828", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T16:26:31Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2482", "reference_id": "RHSA-2025:2482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2482" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2483", "reference_id": "RHSA-2025:2483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2507", "reference_id": "RHSA-2025:2507", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2507" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2513", "reference_id": "RHSA-2025:2513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2654", "reference_id": "RHSA-2025:2654", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2654" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2660", "reference_id": "RHSA-2025:2660", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2660" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2673", "reference_id": "RHSA-2025:2673", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2678", "reference_id": "RHSA-2025:2678", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2678" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2679", "reference_id": "RHSA-2025:2679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2686", "reference_id": "RHSA-2025:2686", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2686" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2789", "reference_id": "RHSA-2025:2789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3055", "reference_id": "RHSA-2025:3055", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3059", "reference_id": "RHSA-2025:3059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3066", "reference_id": "RHSA-2025:3066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3368", "reference_id": "RHSA-2025:3368", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3368" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3397", "reference_id": "RHSA-2025:3397", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3397" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3453", "reference_id": "RHSA-2025:3453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3569", "reference_id": "RHSA-2025:3569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3867", "reference_id": "RHSA-2025:3867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4005", "reference_id": "RHSA-2025:4005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9895", "reference_id": "RHSA-2025:9895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9895" }, { "reference_url": "https://usn.ubuntu.com/7302-1/", "reference_id": "USN-7302-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7302-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2024-56171" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-up1g-mjyj-pub4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37399?format=api", "vulnerability_id": "VCID-uqus-6prc-w7dh", "summary": "Double Free\nDouble free vulnerability in libxml2 and other versions, as used in Google Chrome and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4494.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01435", "scoring_system": "epss", "scoring_elements": "0.81038", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01435", "scoring_system": "epss", "scoring_elements": "0.81066", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01435", "scoring_system": "epss", "scoring_elements": "0.81069", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01435", "scoring_system": "epss", "scoring_elements": "0.81065", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01435", "scoring_system": "epss", "scoring_elements": "0.81061", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607922", "reference_id": "607922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607922" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=665963", "reference_id": "665963", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=665963" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4494", "reference_id": "CVE-2010-4494", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4494" }, { "reference_url": "https://security.gentoo.org/glsa/201110-26", "reference_id": "GLSA-201110-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201110-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:1749", "reference_id": "RHSA-2011:1749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:1749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217", "reference_id": "RHSA-2013:0217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0217" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4596?format=api", "purl": "pkg:deb/debian/libxml2@2.7.8.dfsg-2%2Bsqueeze8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2rbs-7dzf-wffv" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5rs7-d9hu-rke7" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-7qqd-ze42-ayab" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-b2jx-djjd-rbdx" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-bqh3-eze3-3qbv" }, { "vulnerability": "VCID-brg4-2x5t-akac" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-dmdw-gyj9-2ye5" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jgtz-3gkg-dkbu" }, { "vulnerability": "VCID-jn88-q5mn-37gz" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kmvz-pynk-p7fn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-p8us-th5q-yuey" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rzc3-s4fv-7fhp" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-v22x-mq8p-8qc7" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-xxpz-ak6z-5ufn" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-2%252Bsqueeze8" } ], "aliases": [ "CVE-2010-4494" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uqus-6prc-w7dh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78009?format=api", "vulnerability_id": "VCID-ur8u-6xpb-g3g3", "summary": "In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32415.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32415.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32415", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.14106", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.14219", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.14223", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.14188", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103511", "reference_id": "1103511", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103511" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360768", "reference_id": "2360768", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13203", "reference_id": "RHSA-2025:13203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13428", "reference_id": "RHSA-2025:13428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13429", "reference_id": "RHSA-2025:13429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13622", "reference_id": "RHSA-2025:13622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13677", "reference_id": "RHSA-2025:13677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13681", "reference_id": "RHSA-2025:13681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13683", "reference_id": "RHSA-2025:13683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13684", "reference_id": "RHSA-2025:13684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13688", "reference_id": "RHSA-2025:13688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13689", "reference_id": "RHSA-2025:13689", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13788", "reference_id": "RHSA-2025:13788", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13788" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13789", "reference_id": "RHSA-2025:13789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13806", "reference_id": "RHSA-2025:13806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14059", "reference_id": "RHSA-2025:14059", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14059" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14186", "reference_id": "RHSA-2025:14186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14644", "reference_id": "RHSA-2025:14644", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14644" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14818", "reference_id": "RHSA-2025:14818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14819", "reference_id": "RHSA-2025:14819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14853", "reference_id": "RHSA-2025:14853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14858", "reference_id": "RHSA-2025:14858", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14858" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15308", "reference_id": "RHSA-2025:15308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15672", "reference_id": "RHSA-2025:15672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16159", "reference_id": "RHSA-2025:16159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22529", "reference_id": "RHSA-2025:22529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7519", "reference_id": "RHSA-2026:7519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7519" }, { "reference_url": "https://usn.ubuntu.com/7467-1/", "reference_id": "USN-7467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7467-1/" }, { "reference_url": "https://usn.ubuntu.com/7467-2/", "reference_id": "USN-7467-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7467-2/" }, { "reference_url": "https://usn.ubuntu.com/7896-1/", "reference_id": "USN-7896-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7896-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-32415" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ur8u-6xpb-g3g3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37627?format=api", "vulnerability_id": "VCID-v22x-mq8p-8qc7", "summary": "Uncontrolled Resource Consumption\nlibxml2 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0339.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0339.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0339", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.8307", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.83096", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.83093", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.83085", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0339" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702260", "reference_id": "702260", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702260" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=915149", "reference_id": "915149", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=915149" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/cve-2013-0339", "reference_id": "CVE-2013-0339", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0339" }, { "reference_url": "https://security.gentoo.org/glsa/201412-11", "reference_id": "GLSA-201412-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-11" }, { "reference_url": "https://usn.ubuntu.com/1904-1/", "reference_id": "USN-1904-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1904-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "CVE-2013-0339" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v22x-mq8p-8qc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78007?format=api", "vulnerability_id": "VCID-vfxe-t79s-3qbb", "summary": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27113.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27113.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27113", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26141", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.2625", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26243", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26197", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27113" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27113" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098322", "reference_id": "1098322", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098322" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346410", "reference_id": "2346410", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346410" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/861", "reference_id": "861", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T15:33:43Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/861" }, { "reference_url": "https://usn.ubuntu.com/7302-1/", "reference_id": "USN-7302-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7302-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2025-27113" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vfxe-t79s-3qbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37979?format=api", "vulnerability_id": "VCID-w156-x6fs-7baj", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseXMLDecl function in parser.c in libxml2 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8317.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8317.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00486", "scoring_system": "epss", "scoring_elements": "0.65725", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00486", "scoring_system": "epss", "scoring_elements": "0.65778", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00486", "scoring_system": "epss", "scoring_elements": "0.6579", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00486", "scoring_system": "epss", "scoring_elements": "0.65777", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00486", "scoring_system": "epss", "scoring_elements": "0.65767", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281930", "reference_id": "1281930", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281930" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8317", "reference_id": "CVE-2015-8317", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2549", "reference_id": "RHSA-2015:2549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2550", "reference_id": "RHSA-2015:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1089", "reference_id": "RHSA-2016:1089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1089" }, { "reference_url": "https://usn.ubuntu.com/2834-1/", "reference_id": "USN-2834-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2834-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" }, { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8317" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w156-x6fs-7baj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38596?format=api", "vulnerability_id": "VCID-wqc9-2nup-r7d5", "summary": "Out-of-bounds Read\nThe htmlParseTryOrFinish function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (buffer over-read) or information disclosure.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8872.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8872.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8872", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46294", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46316", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46361", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46363", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46342", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8872" }, { "reference_url": "https://bugzilla.gnome.org/show_bug.cgi?id=775200", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:59:00Z/" } ], "url": "https://bugzilla.gnome.org/show_bug.cgi?id=775200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8872" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:59:00Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449541", "reference_id": "1449541", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449541" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862450", "reference_id": "862450", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862450" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8872", "reference_id": "CVE-2017-8872", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8872" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-8872" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wqc9-2nup-r7d5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38620?format=api", "vulnerability_id": "VCID-x53x-k5cn-4fhv", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nA buffer overflow was discovered in libxml2 . The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlen(buf). If the content->type is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content->prefix is appended to buf (if it actually fits) whereupon (ii) content->name is written to the buffer. However, the check for whether the content->name actually fits also uses 'len' rather than the updated buffer length strlen(buf). This allows us to write about \"size\" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9047.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9047.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0266", "scoring_system": "epss", "scoring_elements": "0.86065", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0266", "scoring_system": "epss", "scoring_elements": "0.86074", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0266", "scoring_system": "epss", "scoring_elements": "0.8609", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0266", "scoring_system": "epss", "scoring_elements": "0.86086", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0266", "scoring_system": "epss", "scoring_elements": "0.86087", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452554", "reference_id": "1452554", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452554" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863022", "reference_id": "863022", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863022" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9047", "reference_id": "CVE-2017-9047", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9047" }, { "reference_url": "https://usn.ubuntu.com/3424-1/", "reference_id": "USN-3424-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-1/" }, { "reference_url": "https://usn.ubuntu.com/3424-2/", "reference_id": "USN-3424-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3424-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-9047" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x53x-k5cn-4fhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77979?format=api", "vulnerability_id": "VCID-xse1-pmep-nqdc", "summary": "Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2416.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2416.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2416", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00504", "scoring_system": "epss", "scoring_elements": "0.66567", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00504", "scoring_system": "epss", "scoring_elements": "0.66559", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00504", "scoring_system": "epss", "scoring_elements": "0.66537", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00504", "scoring_system": "epss", "scoring_elements": "0.66519", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00504", "scoring_system": "epss", "scoring_elements": "0.66551", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2416" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/2420", "reference_id": "2420", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/2420" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3184", "reference_id": "3184", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3184" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/3217", "reference_id": "3217", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://www.vupen.com/english/advisories/2009/3217" }, { "reference_url": "http://secunia.com/advisories/35036", "reference_id": "35036", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://secunia.com/advisories/35036" }, { "reference_url": "http://www.securityfocus.com/bid/36010", "reference_id": "36010", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://www.securityfocus.com/bid/36010" }, { "reference_url": "http://secunia.com/advisories/36207", "reference_id": "36207", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://secunia.com/advisories/36207" }, { "reference_url": "http://secunia.com/advisories/36338", "reference_id": "36338", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://secunia.com/advisories/36338" }, { "reference_url": "http://secunia.com/advisories/36417", "reference_id": "36417", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://secunia.com/advisories/36417" }, { "reference_url": "http://secunia.com/advisories/36631", "reference_id": "36631", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://secunia.com/advisories/36631" }, { "reference_url": "http://secunia.com/advisories/37346", "reference_id": "37346", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://secunia.com/advisories/37346" }, { "reference_url": "http://secunia.com/advisories/37471", "reference_id": "37471", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://secunia.com/advisories/37471" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=515205", "reference_id": "515205", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515205" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540865", "reference_id": "540865", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540865" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html", "reference_id": "CVE-2009-2414-2416.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1859", "reference_id": "dsa-1859", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://www.debian.org/security/2009/dsa-1859" }, { "reference_url": "https://security.gentoo.org/glsa/201009-07", "reference_id": "GLSA-201009-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201009-07" }, { "reference_url": "http://support.apple.com/kb/HT3937", "reference_id": "HT3937", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://support.apple.com/kb/HT3937" }, { "reference_url": "http://support.apple.com/kb/HT3949", "reference_id": "HT3949", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://support.apple.com/kb/HT3949" }, { "reference_url": "http://support.apple.com/kb/HT4225", "reference_id": "HT4225", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://support.apple.com/kb/HT4225" }, { "reference_url": "https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59", "reference_id": "?id=489f9671e71cc44a97b23111b3126ac8a1e21a59", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html", "reference_id": "msg00000.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html", "reference_id": "msg00001.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html", "reference_id": "msg00537.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html", "reference_id": "msg00547.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html", "reference_id": "msg00642.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html" }, { "reference_url": "http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html", "reference_id": "msg678527.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A7783", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262", "reference_id": "oval%3Aorg.mitre.oval%3Adef%3A9262", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1206", "reference_id": "RHSA-2009:1206", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1206" }, { "reference_url": "http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html", "reference_id": "stable-update-security-fixes.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html" }, { "reference_url": "https://usn.ubuntu.com/815-1/", "reference_id": "USN-815-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/815-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-815-1", "reference_id": "USN-815-1", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://www.ubuntu.com/usn/USN-815-1" }, { "reference_url": "http://www.codenomicon.com/labs/xml/", "reference_id": "xml", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/" } ], "url": "http://www.codenomicon.com/labs/xml/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4596?format=api", "purl": "pkg:deb/debian/libxml2@2.7.8.dfsg-2%2Bsqueeze8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2rbs-7dzf-wffv" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5rs7-d9hu-rke7" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-7qqd-ze42-ayab" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-b2jx-djjd-rbdx" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-bqh3-eze3-3qbv" }, { "vulnerability": "VCID-brg4-2x5t-akac" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-dmdw-gyj9-2ye5" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jgtz-3gkg-dkbu" }, { "vulnerability": "VCID-jn88-q5mn-37gz" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kmvz-pynk-p7fn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-p8us-th5q-yuey" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rzc3-s4fv-7fhp" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-v22x-mq8p-8qc7" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-xxpz-ak6z-5ufn" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-2%252Bsqueeze8" } ], "aliases": [ "CVE-2009-2416" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xse1-pmep-nqdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37474?format=api", "vulnerability_id": "VCID-xxpz-ak6z-5ufn", "summary": "Uncontrolled Resource Consumption\nlibxml2 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0841.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0841.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0841", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63942", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.6393", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01023", "scoring_system": "epss", "scoring_elements": "0.77599", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01023", "scoring_system": "epss", "scoring_elements": "0.77628", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01023", "scoring_system": "epss", "scoring_elements": "0.77636", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660846", "reference_id": "660846", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660846" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=787067", "reference_id": "787067", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=787067" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0841", "reference_id": "CVE-2012-0841", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0841" }, { "reference_url": "https://security.gentoo.org/glsa/201203-04", "reference_id": "GLSA-201203-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201203-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0324", "reference_id": "RHSA-2012:0324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0217", "reference_id": "RHSA-2013:0217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0217" }, { "reference_url": "https://usn.ubuntu.com/1376-1/", "reference_id": "USN-1376-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1376-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4598?format=api", "purl": "pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5" } ], "aliases": [ "CVE-2012-0841" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xxpz-ak6z-5ufn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36136?format=api", "vulnerability_id": "VCID-y6ed-mwdn-8bcv", "summary": "NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2309.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2309.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2309", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01251", "scoring_system": "epss", "scoring_elements": "0.79686", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01251", "scoring_system": "epss", "scoring_elements": "0.79697", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01251", "scoring_system": "epss", "scoring_elements": "0.79702", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01251", "scoring_system": "epss", "scoring_elements": "0.79696", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01251", "scoring_system": "epss", "scoring_elements": "0.7967", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2309" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/advisories/GHSA-wrxv-2j5q-m38w", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wrxv-2j5q-m38w" }, { "reference_url": "https://github.com/lxml/lxml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/lxml/lxml" }, { "reference_url": "https://github.com/lxml/lxml/blob/master/CHANGES.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/lxml/lxml/blob/master/CHANGES.txt" }, { "reference_url": "https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2022-230.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2022-230.yaml" }, { "reference_url": "https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00021.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2309", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2309" }, { "reference_url": "https://security.gentoo.org/glsa/202208-06", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202208-06" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220915-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220915-0006" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014766", "reference_id": "1014766", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014766" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039991", "reference_id": "1039991", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039991" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107571", "reference_id": "2107571", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8226", "reference_id": "RHSA-2022:8226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8226" }, { "reference_url": "https://usn.ubuntu.com/5760-1/", "reference_id": "USN-5760-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5760-1/" }, { "reference_url": "https://usn.ubuntu.com/6028-2/", "reference_id": "USN-6028-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6028-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2022-2309", "GHSA-wrxv-2j5q-m38w", "PYSEC-2022-230" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y6ed-mwdn-8bcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38120?format=api", "vulnerability_id": "VCID-y6zn-hwwh-23hp", "summary": "Out-of-bounds Read\nThe xmlPArserPrintFileContextInternal function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1838.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1838.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03485", "scoring_system": "epss", "scoring_elements": "0.87792", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03485", "scoring_system": "epss", "scoring_elements": "0.87814", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03485", "scoring_system": "epss", "scoring_elements": "0.87816", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.03485", "scoring_system": "epss", "scoring_elements": "0.87817", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338705", "reference_id": "1338705", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338705" }, { "reference_url": "https://code.google.com/p/google-security-research/issues/detail?id=639", "reference_id": "CVE-2016-1838", "reference_type": "exploit", "scores": [], "url": "https://code.google.com/p/google-security-research/issues/detail?id=639" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39493.txt", "reference_id": "CVE-2016-1838", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39493.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1838", "reference_id": "CVE-2016-1838", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1838" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1292", "reference_id": "RHSA-2016:1292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-1838" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y6zn-hwwh-23hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38539?format=api", "vulnerability_id": "VCID-y76b-6hzr-uqgb", "summary": "Deserialization of Untrusted Data\nThe xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4483.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4483.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79831", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79856", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79862", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79857", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79846", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4483" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332820", "reference_id": "1332820", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332820" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823405", "reference_id": "823405", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823405" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4483", "reference_id": "CVE-2016-4483", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2957", "reference_id": "RHSA-2016:2957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2957" }, { "reference_url": "https://usn.ubuntu.com/2994-1/", "reference_id": "USN-2994-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2994-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4600?format=api", "purl": "pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6" }, { "url": "http://public2.vulnerablecode.io/api/packages/5082?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2" } ], "aliases": [ "CVE-2016-4483" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y76b-6hzr-uqgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46151?format=api", "vulnerability_id": "VCID-y771-xrj9-6qca", "summary": "Use After Free\nThis advisory has been marked as False Positive and removed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45322.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45322.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-45322", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21596", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21712", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21699", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21654", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-45322" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T18:12:15Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/344" }, { "reference_url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/583", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T18:12:15Z/" } ], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/583" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/06/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T18:12:15Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/06/5" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053629", "reference_id": "1053629", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053629" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242945", "reference_id": "2242945", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242945" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45322", "reference_id": "CVE-2023-45322", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45322" }, { "reference_url": "https://security.gentoo.org/glsa/202402-11", "reference_id": "GLSA-202402-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-11" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509962?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p4u9-3nqe-v3ab" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-rymj-pnfv-3khf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5" } ], "aliases": [ "CVE-2023-45322" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y771-xrj9-6qca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5279?format=api", "vulnerability_id": "VCID-yjn6-17qx-9ubc", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3518.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3518.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3518", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48575", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48638", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48627", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48646", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48599", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3518" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954242", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954242" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Jul/54", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2021/Jul/54" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Jul/55", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2021/Jul/55" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Jul/58", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2021/Jul/58" }, { "reference_url": "http://seclists.org/fulldisclosure/2021/Jul/59", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2021/Jul/59" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3518.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3518.yml" }, { "reference_url": "https://github.com/sparklemotion/nokogiri", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri" }, { "reference_url": "https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722" }, { "reference_url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/" }, { "reference_url": "https://nokogiri.org/CHANGELOG.html#1114-2021-05-14", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nokogiri.org/CHANGELOG.html#1114-2021-05-14" }, { "reference_url": "https://security.gentoo.org/glsa/202107-05", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202107-05" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210625-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20210625-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210625-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20210625-0002/" }, { "reference_url": "https://support.apple.com/kb/HT212601", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/kb/HT212601" }, { "reference_url": "https://support.apple.com/kb/HT212602", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/kb/HT212602" }, { "reference_url": "https://support.apple.com/kb/HT212604", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/kb/HT212604" }, { "reference_url": "https://support.apple.com/kb/HT212605", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/kb/HT212605" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2021.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987737", "reference_id": "987737", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987737" }, { "reference_url": "https://security.archlinux.org/AVG-1883", "reference_id": "AVG-1883", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1883" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3518", "reference_id": "CVE-2021-3518", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3518" }, { "reference_url": "https://github.com/advisories/GHSA-v4f8-2847-rwm7", "reference_id": "GHSA-v4f8-2847-rwm7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v4f8-2847-rwm7" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2569", "reference_id": "RHSA-2021:2569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://usn.ubuntu.com/4991-1/", "reference_id": "USN-4991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509961?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-d47v-hstc-wqc1" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-k5ns-qsh8-9ufj" }, { "vulnerability": "VCID-kqv4-tkg9-6ugb" }, { "vulnerability": "VCID-p5kk-3yg6-yucb" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rymj-pnfv-3khf" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3518", "GHSA-v4f8-2847-rwm7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yjn6-17qx-9ubc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39176?format=api", "vulnerability_id": "VCID-zezc-xfmm-cqcg", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nparser.c in libxml2 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16931.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16931.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16931", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01443", "scoring_system": "epss", "scoring_elements": "0.81079", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01443", "scoring_system": "epss", "scoring_elements": "0.81107", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01443", "scoring_system": "epss", "scoring_elements": "0.81103", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01443", "scoring_system": "epss", "scoring_elements": "0.81111", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01443", "scoring_system": "epss", "scoring_elements": "0.81108", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-16931" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517307", "reference_id": "1517307", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1517307" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16931", "reference_id": "CVE-2017-16931", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16931" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5477?format=api", "purl": "pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4" } ], "aliases": [ "CVE-2017-16931" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zezc-xfmm-cqcg" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77967?format=api", "vulnerability_id": "VCID-g4r1-u3v4-3bcr", "summary": "Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0110.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0110.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.4134", "scoring_system": "epss", "scoring_elements": "0.97475", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.4134", "scoring_system": "epss", "scoring_elements": "0.97481", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.4134", "scoring_system": "epss", "scoring_elements": "0.97482", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0110" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=430644", "reference_id": "430644", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=430644" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/601.c", "reference_id": "OSVDB-4033;CVE-2004-0110", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/601.c" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:090", "reference_id": "RHSA-2004:090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:091", "reference_id": "RHSA-2004:091", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:091" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:650", "reference_id": "RHSA-2004:650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:650" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4592?format=api", "purl": "pkg:deb/debian/libxml2@2.6.16-7sarge1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2rbs-7dzf-wffv" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5rs7-d9hu-rke7" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-7qqd-ze42-ayab" }, { "vulnerability": "VCID-7x6g-x68k-tuc4" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-8ufh-w88r-kuc3" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-b2jx-djjd-rbdx" }, { "vulnerability": "VCID-b37v-a8em-gkfr" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-bqh3-eze3-3qbv" }, { "vulnerability": "VCID-brg4-2x5t-akac" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-dmdw-gyj9-2ye5" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-fynm-ftmy-47eg" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jgtz-3gkg-dkbu" }, { "vulnerability": "VCID-jn88-q5mn-37gz" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kb3k-r616-6fht" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kg71-czqe-v7g5" }, { "vulnerability": "VCID-kmvz-pynk-p7fn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-p8us-th5q-yuey" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rzc3-s4fv-7fhp" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-tvkx-4rem-wydk" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-uqus-6prc-w7dh" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-v22x-mq8p-8qc7" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-xse1-pmep-nqdc" }, { "vulnerability": "VCID-xxpz-ak6z-5ufn" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.16-7sarge1" } ], "aliases": [ "CVE-2004-0110" ], "risk_score": 0.8, "exploitability": "2.0", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g4r1-u3v4-3bcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77968?format=api", "vulnerability_id": "VCID-gkg9-tbm1-mqb4", "summary": "Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0989.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0989.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0989", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24274", "scoring_system": "epss", "scoring_elements": "0.96195", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.24274", "scoring_system": "epss", "scoring_elements": "0.962", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.24274", "scoring_system": "epss", "scoring_elements": "0.96202", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.24274", "scoring_system": "epss", "scoring_elements": "0.96203", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-0989" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0989" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=430645", "reference_id": "430645", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=430645" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24704.c", "reference_id": "CVE-2004-0989;OSVDB-11179", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24704.c" }, { "reference_url": "https://www.securityfocus.com/bid/11526/info", "reference_id": "CVE-2004-0989;OSVDB-11179", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/11526/info" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:615", "reference_id": "RHSA-2004:615", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:615" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2004:650", "reference_id": "RHSA-2004:650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2004:650" }, { "reference_url": "https://usn.ubuntu.com/89-1/", "reference_id": "USN-89-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/89-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4592?format=api", "purl": "pkg:deb/debian/libxml2@2.6.16-7sarge1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1esy-azbk-rkgn" }, { "vulnerability": "VCID-1f8c-m3q3-yyea" }, { "vulnerability": "VCID-1nax-e3jj-ryef" }, { "vulnerability": "VCID-1sh8-bsk3-auct" }, { "vulnerability": "VCID-1vsu-txd5-qbf3" }, { "vulnerability": "VCID-1zr7-kx71-tkcr" }, { "vulnerability": "VCID-2rbs-7dzf-wffv" }, { "vulnerability": "VCID-2wkc-xqzc-e3g2" }, { "vulnerability": "VCID-3ean-ys5t-bydz" }, { "vulnerability": "VCID-3s6k-9cgk-dfd6" }, { "vulnerability": "VCID-43m9-cg6h-nuet" }, { "vulnerability": "VCID-4sg9-pjmx-6kfy" }, { "vulnerability": "VCID-512y-x2fd-4uh5" }, { "vulnerability": "VCID-5dmr-9sh2-w3hk" }, { "vulnerability": "VCID-5er3-1kbw-33gt" }, { "vulnerability": "VCID-5g9a-2484-rucp" }, { "vulnerability": "VCID-5rs7-d9hu-rke7" }, { "vulnerability": "VCID-5z25-mem7-hfcx" }, { "vulnerability": "VCID-6bw6-4huq-dqex" }, { "vulnerability": "VCID-6hc4-jdej-gkcp" }, { "vulnerability": "VCID-6rnb-qe59-sbfy" }, { "vulnerability": "VCID-6t8y-27ba-cfa2" }, { "vulnerability": "VCID-7qqd-ze42-ayab" }, { "vulnerability": "VCID-7x6g-x68k-tuc4" }, { "vulnerability": "VCID-81dv-y5sg-9kgq" }, { "vulnerability": "VCID-81t2-tsq4-x7ce" }, { "vulnerability": "VCID-8719-hux3-fugq" }, { "vulnerability": "VCID-8ufh-w88r-kuc3" }, { "vulnerability": "VCID-9d2s-f8da-pkgg" }, { "vulnerability": "VCID-9m3t-anwb-4fbx" }, { "vulnerability": "VCID-9usm-m2ey-7qad" }, { "vulnerability": "VCID-a611-3sqz-bkac" }, { "vulnerability": "VCID-aj7d-6vcp-7yey" }, { "vulnerability": "VCID-akrb-6bu8-nqfq" }, { "vulnerability": "VCID-anzu-y37j-dbc2" }, { "vulnerability": "VCID-aqrr-3ej8-ukaa" }, { "vulnerability": "VCID-b2jx-djjd-rbdx" }, { "vulnerability": "VCID-b37v-a8em-gkfr" }, { "vulnerability": "VCID-bgcq-x9bd-83ap" }, { "vulnerability": "VCID-bksc-y3j7-ufek" }, { "vulnerability": "VCID-bm7f-1hbr-dyfx" }, { "vulnerability": "VCID-bqh3-eze3-3qbv" }, { "vulnerability": "VCID-brg4-2x5t-akac" }, { "vulnerability": "VCID-c16x-s3zb-bbef" }, { "vulnerability": "VCID-cgmw-k7dg-gbdw" }, { "vulnerability": "VCID-ct17-yjud-f3a1" }, { "vulnerability": "VCID-dmdw-gyj9-2ye5" }, { "vulnerability": "VCID-ds9f-6ppp-5fax" }, { "vulnerability": "VCID-e8w6-ax3x-wqan" }, { "vulnerability": "VCID-eb5v-9a7f-xyf2" }, { "vulnerability": "VCID-efx2-bpu9-z7a4" }, { "vulnerability": "VCID-egft-crba-6ubx" }, { "vulnerability": "VCID-eh92-k5tc-vyab" }, { "vulnerability": "VCID-ezzm-sgz4-xbaa" }, { "vulnerability": "VCID-f8jy-gtg6-x3f2" }, { "vulnerability": "VCID-f8q4-hk9r-6be4" }, { "vulnerability": "VCID-fda4-67cq-cqg4" }, { "vulnerability": "VCID-fn1n-adz5-5fcy" }, { "vulnerability": "VCID-frer-xevm-x7f7" }, { "vulnerability": "VCID-fynm-ftmy-47eg" }, { "vulnerability": "VCID-gfk4-86ze-3bdx" }, { "vulnerability": "VCID-j98t-paam-97ec" }, { "vulnerability": "VCID-jgtz-3gkg-dkbu" }, { "vulnerability": "VCID-jn88-q5mn-37gz" }, { "vulnerability": "VCID-jtkn-83hh-x3et" }, { "vulnerability": "VCID-jwft-4pxx-5ydg" }, { "vulnerability": "VCID-jxz3-ug52-cuhn" }, { "vulnerability": "VCID-kb3k-r616-6fht" }, { "vulnerability": "VCID-kg69-mhxs-tkcx" }, { "vulnerability": "VCID-kg71-czqe-v7g5" }, { "vulnerability": "VCID-kmvz-pynk-p7fn" }, { "vulnerability": "VCID-kvkp-bve3-bqh7" }, { "vulnerability": "VCID-m8d1-5qex-huf8" }, { "vulnerability": "VCID-m91c-mfu9-bbbh" }, { "vulnerability": "VCID-msku-25sz-rbeg" }, { "vulnerability": "VCID-ne9k-m48b-13cu" }, { "vulnerability": "VCID-p8us-th5q-yuey" }, { "vulnerability": "VCID-pdus-4wua-fucn" }, { "vulnerability": "VCID-pgfh-4snq-pbe6" }, { "vulnerability": "VCID-q1rm-fyhj-kbfu" }, { "vulnerability": "VCID-q736-5feg-q3h2" }, { "vulnerability": "VCID-qa31-1xtw-ybdg" }, { "vulnerability": "VCID-qv2p-47xc-eqc6" }, { "vulnerability": "VCID-r3xn-5u5y-hbdw" }, { "vulnerability": "VCID-rzc3-s4fv-7fhp" }, { "vulnerability": "VCID-tn6n-x8d3-jqd3" }, { "vulnerability": "VCID-tt91-8gv4-3qh9" }, { "vulnerability": "VCID-tvkx-4rem-wydk" }, { "vulnerability": "VCID-u795-5dzy-gkbs" }, { "vulnerability": "VCID-ueh5-fv4d-a7a8" }, { "vulnerability": "VCID-uehj-g87n-sfcf" }, { "vulnerability": "VCID-up1g-mjyj-pub4" }, { "vulnerability": "VCID-uqus-6prc-w7dh" }, { "vulnerability": "VCID-ur8u-6xpb-g3g3" }, { "vulnerability": "VCID-v22x-mq8p-8qc7" }, { "vulnerability": "VCID-vfxe-t79s-3qbb" }, { "vulnerability": "VCID-w156-x6fs-7baj" }, { "vulnerability": "VCID-wqc9-2nup-r7d5" }, { "vulnerability": "VCID-x53x-k5cn-4fhv" }, { "vulnerability": "VCID-xse1-pmep-nqdc" }, { "vulnerability": "VCID-xxpz-ak6z-5ufn" }, { "vulnerability": "VCID-y6ed-mwdn-8bcv" }, { "vulnerability": "VCID-y6zn-hwwh-23hp" }, { "vulnerability": "VCID-y76b-6hzr-uqgb" }, { "vulnerability": "VCID-y771-xrj9-6qca" }, { "vulnerability": "VCID-yjn6-17qx-9ubc" }, { "vulnerability": "VCID-zezc-xfmm-cqcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.16-7sarge1" } ], "aliases": [ "CVE-2004-0989" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gkg9-tbm1-mqb4" } ], "risk_score": "6.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.16-7sarge1" }