Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libxerces2-java@2.12.2-1?distro=trixie
Type deb
Namespace debian
Name libxerces2-java
Version 2.12.2-1
Qualifiers
distro trixie
Subpath
Is_vulnerable false
Next_non_vulnerable_version null
Latest_non_vulnerable_version null
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2gpd-vwgb-67cn
vulnerability_id VCID-2gpd-vwgb-67cn
summary XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
references
0
reference_url http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
5
reference_url http://marc.info/?l=bugtraq&m=125787273209737&w=2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://marc.info/?l=bugtraq&m=125787273209737&w=2
6
reference_url http://rhn.redhat.com/errata/RHSA-2012-1232.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2012-1232.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2012-1537.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2012-1537.html
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2625.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2625.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-2625
reference_id
reference_type
scores
0
value 0.01246
scoring_system epss
scoring_elements 0.79324
published_at 2026-04-21T12:55:00Z
1
value 0.01246
scoring_system epss
scoring_elements 0.79326
published_at 2026-04-16T12:55:00Z
2
value 0.01246
scoring_system epss
scoring_elements 0.79323
published_at 2026-04-18T12:55:00Z
3
value 0.01562
scoring_system epss
scoring_elements 0.81453
published_at 2026-04-04T12:55:00Z
4
value 0.01562
scoring_system epss
scoring_elements 0.81422
published_at 2026-04-01T12:55:00Z
5
value 0.01562
scoring_system epss
scoring_elements 0.81432
published_at 2026-04-02T12:55:00Z
6
value 0.01562
scoring_system epss
scoring_elements 0.81451
published_at 2026-04-07T12:55:00Z
7
value 0.01562
scoring_system epss
scoring_elements 0.81479
published_at 2026-04-08T12:55:00Z
8
value 0.01562
scoring_system epss
scoring_elements 0.81485
published_at 2026-04-09T12:55:00Z
9
value 0.01562
scoring_system epss
scoring_elements 0.81506
published_at 2026-04-11T12:55:00Z
10
value 0.01746
scoring_system epss
scoring_elements 0.82541
published_at 2026-04-12T12:55:00Z
11
value 0.01746
scoring_system epss
scoring_elements 0.82536
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-2625
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=512921
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=512921
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625
12
reference_url http://secunia.com/advisories/36162
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/36162
13
reference_url http://secunia.com/advisories/36176
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/36176
14
reference_url http://secunia.com/advisories/36180
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/36180
15
reference_url http://secunia.com/advisories/36199
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/36199
16
reference_url http://secunia.com/advisories/37300
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/37300
17
reference_url http://secunia.com/advisories/37460
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/37460
18
reference_url http://secunia.com/advisories/37671
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/37671
19
reference_url http://secunia.com/advisories/37754
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/37754
20
reference_url http://secunia.com/advisories/38231
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/38231
21
reference_url http://secunia.com/advisories/38342
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/38342
22
reference_url http://secunia.com/advisories/43300
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/43300
23
reference_url http://secunia.com/advisories/50549
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/50549
24
reference_url https://github.com/apache/xerces2-j/commit/0bdf77af1d4fd26ec2e630fb6d12e2dfa77bc12b
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/xerces2-j/commit/0bdf77af1d4fd26ec2e630fb6d12e2dfa77bc12b
25
reference_url http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.486026
26
reference_url https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2009-2625
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2009-2625
28
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8520
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8520
29
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9356
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9356
30
reference_url https://rhn.redhat.com/errata/RHSA-2009-1199.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2009-1199.html
31
reference_url https://rhn.redhat.com/errata/RHSA-2009-1200.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2009-1200.html
32
reference_url https://rhn.redhat.com/errata/RHSA-2009-1201.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2009-1201.html
33
reference_url https://rhn.redhat.com/errata/RHSA-2009-1636.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2009-1636.html
34
reference_url https://rhn.redhat.com/errata/RHSA-2009-1637.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2009-1637.html
35
reference_url https://rhn.redhat.com/errata/RHSA-2009-1649.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2009-1649.html
36
reference_url https://rhn.redhat.com/errata/RHSA-2009-1650.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rhn.redhat.com/errata/RHSA-2009-1650.html
37
reference_url https://snyk.io/vuln/SNYK-JAVA-XERCES-32014
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-XERCES-32014
38
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1
39
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-66-263489-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-66-263489-1
40
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-66-272209-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-66-272209-1
41
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021506.1-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021506.1-1
42
reference_url http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=572055&r2=787352&pathrev=787353&diff_format=h
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=572055&r2=787352&pathrev=787353&diff_format=h
43
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html
44
reference_url https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html
45
reference_url http://www.cert.fi/en/reports/2009/vulnerability2009085.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.cert.fi/en/reports/2009/vulnerability2009085.html
46
reference_url http://www.codenomicon.com/labs/xml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.codenomicon.com/labs/xml
47
reference_url http://www.codenomicon.com/labs/xml/
reference_id
reference_type
scores
url http://www.codenomicon.com/labs/xml/
48
reference_url http://www.debian.org/security/2010/dsa-1984
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2010/dsa-1984
49
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2009:209
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2009:209
50
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2011:108
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mandriva.com/security/advisories?name=MDVSA-2011:108
51
reference_url http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
52
reference_url http://www.openwall.com/lists/oss-security/2009/09/06/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2009/09/06/1
53
reference_url http://www.openwall.com/lists/oss-security/2009/10/22/9
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2009/10/22/9
54
reference_url http://www.openwall.com/lists/oss-security/2009/10/23/6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2009/10/23/6
55
reference_url http://www.openwall.com/lists/oss-security/2009/10/26/3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2009/10/26/3
56
reference_url http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html
57
reference_url http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
58
reference_url http://www.redhat.com/support/errata/RHSA-2009-1615.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2009-1615.html
59
reference_url http://www.redhat.com/support/errata/RHSA-2011-0858.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2011-0858.html
60
reference_url http://www.securityfocus.com/archive/1/507985/100/0/threaded
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/507985/100/0/threaded
61
reference_url http://www.securityfocus.com/bid/35958
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/35958
62
reference_url http://www.securitytracker.com/id?1022680
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securitytracker.com/id?1022680
63
reference_url http://www.ubuntu.com/usn/USN-890-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-890-1
64
reference_url http://www.us-cert.gov/cas/techalerts/TA09-294A.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.us-cert.gov/cas/techalerts/TA09-294A.html
65
reference_url http://www.us-cert.gov/cas/techalerts/TA10-012A.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.us-cert.gov/cas/techalerts/TA10-012A.html
66
reference_url http://www.vmware.com/security/advisories/VMSA-2009-0016.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vmware.com/security/advisories/VMSA-2009-0016.html
67
reference_url http://www.vupen.com/english/advisories/2009/2543
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2009/2543
68
reference_url http://www.vupen.com/english/advisories/2009/3316
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2009/3316
69
reference_url http://www.vupen.com/english/advisories/2011/0359
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.vupen.com/english/advisories/2011/0359
70
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=548358
reference_id 548358
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=548358
71
reference_url https://bugzilla.redhat.com/CVE-2009-2625
reference_id CVE-2009-2625
reference_type
scores
url https://bugzilla.redhat.com/CVE-2009-2625
72
reference_url https://github.com/advisories/GHSA-334p-wv2m-w3vp
reference_id GHSA-334p-wv2m-w3vp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-334p-wv2m-w3vp
73
reference_url https://access.redhat.com/errata/RHSA-2009:1199
reference_id RHSA-2009:1199
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1199
74
reference_url https://access.redhat.com/errata/RHSA-2009:1200
reference_id RHSA-2009:1200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1200
75
reference_url https://access.redhat.com/errata/RHSA-2009:1201
reference_id RHSA-2009:1201
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1201
76
reference_url https://access.redhat.com/errata/RHSA-2009:1236
reference_id RHSA-2009:1236
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1236
77
reference_url https://access.redhat.com/errata/RHSA-2009:1505
reference_id RHSA-2009:1505
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1505
78
reference_url https://access.redhat.com/errata/RHSA-2009:1551
reference_id RHSA-2009:1551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1551
79
reference_url https://access.redhat.com/errata/RHSA-2009:1582
reference_id RHSA-2009:1582
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1582
80
reference_url https://access.redhat.com/errata/RHSA-2009:1615
reference_id RHSA-2009:1615
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1615
81
reference_url https://access.redhat.com/errata/RHSA-2009:1636
reference_id RHSA-2009:1636
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1636
82
reference_url https://access.redhat.com/errata/RHSA-2009:1637
reference_id RHSA-2009:1637
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1637
83
reference_url https://access.redhat.com/errata/RHSA-2009:1649
reference_id RHSA-2009:1649
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1649
84
reference_url https://access.redhat.com/errata/RHSA-2009:1650
reference_id RHSA-2009:1650
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1650
85
reference_url https://access.redhat.com/errata/RHSA-2009:1662
reference_id RHSA-2009:1662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1662
86
reference_url https://access.redhat.com/errata/RHSA-2010:0043
reference_id RHSA-2010:0043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0043
87
reference_url https://access.redhat.com/errata/RHSA-2011:0858
reference_id RHSA-2011:0858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0858
88
reference_url https://access.redhat.com/errata/RHSA-2012:0725
reference_id RHSA-2012:0725
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0725
89
reference_url https://access.redhat.com/errata/RHSA-2012:1232
reference_id RHSA-2012:1232
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1232
90
reference_url https://access.redhat.com/errata/RHSA-2012:1537
reference_id RHSA-2012:1537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1537
91
reference_url https://access.redhat.com/errata/RHSA-2013:0763
reference_id RHSA-2013:0763
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0763
92
reference_url https://usn.ubuntu.com/814-1/
reference_id USN-814-1
reference_type
scores
url https://usn.ubuntu.com/814-1/
93
reference_url https://usn.ubuntu.com/890-1/
reference_id USN-890-1
reference_type
scores
url https://usn.ubuntu.com/890-1/
fixed_packages
0
url pkg:deb/debian/libxerces2-java@2.9.1-4.1?distro=trixie
purl pkg:deb/debian/libxerces2-java@2.9.1-4.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxerces2-java@2.9.1-4.1%3Fdistro=trixie
1
url pkg:deb/debian/libxerces2-java@2.12.1-1?distro=trixie
purl pkg:deb/debian/libxerces2-java@2.12.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-c2s2-wsy6-sufn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxerces2-java@2.12.1-1%3Fdistro=trixie
2
url pkg:deb/debian/libxerces2-java@2.12.2-1?distro=trixie
purl pkg:deb/debian/libxerces2-java@2.12.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxerces2-java@2.12.2-1%3Fdistro=trixie
aliases CVE-2009-2625, GHSA-334p-wv2m-w3vp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2gpd-vwgb-67cn
1
url VCID-c2s2-wsy6-sufn
vulnerability_id VCID-c2s2-wsy6-sufn
summary
XML Injection (aka Blind XPath Injection)
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for a prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23437.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23437.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23437
reference_id
reference_type
scores
0
value 0.00087
scoring_system epss
scoring_elements 0.24948
published_at 2026-04-16T12:55:00Z
1
value 0.00087
scoring_system epss
scoring_elements 0.24935
published_at 2026-04-13T12:55:00Z
2
value 0.00087
scoring_system epss
scoring_elements 0.24989
published_at 2026-04-12T12:55:00Z
3
value 0.00087
scoring_system epss
scoring_elements 0.25029
published_at 2026-04-11T12:55:00Z
4
value 0.00087
scoring_system epss
scoring_elements 0.25015
published_at 2026-04-09T12:55:00Z
5
value 0.00087
scoring_system epss
scoring_elements 0.2497
published_at 2026-04-08T12:55:00Z
6
value 0.00087
scoring_system epss
scoring_elements 0.24901
published_at 2026-04-07T12:55:00Z
7
value 0.00089
scoring_system epss
scoring_elements 0.25542
published_at 2026-04-04T12:55:00Z
8
value 0.00089
scoring_system epss
scoring_elements 0.25504
published_at 2026-04-02T12:55:00Z
9
value 0.00101
scoring_system epss
scoring_elements 0.27855
published_at 2026-04-21T12:55:00Z
10
value 0.00101
scoring_system epss
scoring_elements 0.27898
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23437
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23437
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23437
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/jboss/xerces
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jboss/xerces
5
reference_url https://lists.apache.org/thread/6pjwm10bb69kq955fzr1n0nflnjd27dl
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/6pjwm10bb69kq955fzr1n0nflnjd27dl
6
reference_url https://security.netapp.com/advisory/ntap-20221028-0005
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20221028-0005
7
reference_url https://security.netapp.com/advisory/ntap-20221028-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20221028-0005/
8
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
9
reference_url https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpujul2022.html
10
reference_url http://www.openwall.com/lists/oss-security/2022/01/24/3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/01/24/3
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016975
reference_id 1016975
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016975
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2047200
reference_id 2047200
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2047200
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-23437
reference_id CVE-2022-23437
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-23437
14
reference_url https://github.com/advisories/GHSA-h65f-jvqw-m9fj
reference_id GHSA-h65f-jvqw-m9fj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-h65f-jvqw-m9fj
15
reference_url https://access.redhat.com/errata/RHSA-2022:4918
reference_id RHSA-2022:4918
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4918
16
reference_url https://access.redhat.com/errata/RHSA-2022:4919
reference_id RHSA-2022:4919
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4919
17
reference_url https://access.redhat.com/errata/RHSA-2022:4922
reference_id RHSA-2022:4922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4922
fixed_packages
0
url pkg:deb/debian/libxerces2-java@2.12.2-1?distro=trixie
purl pkg:deb/debian/libxerces2-java@2.12.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxerces2-java@2.12.2-1%3Fdistro=trixie
aliases CVE-2022-23437, GHSA-h65f-jvqw-m9fj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2s2-wsy6-sufn
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxerces2-java@2.12.2-1%3Fdistro=trixie