Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libxml2@0?distro=trixie
Typedeb
Namespacedebian
Namelibxml2
Version0
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.6.6-1
Latest_non_vulnerable_version2.15.2+dfsg-0.1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4gyr-nwyy-qfeq
vulnerability_id VCID-4gyr-nwyy-qfeq
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9597.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9597.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9597
reference_id
reference_type
scores
0
value 0.01148
scoring_system epss
scoring_elements 0.78496
published_at 2026-04-21T12:55:00Z
1
value 0.01251
scoring_system epss
scoring_elements 0.79296
published_at 2026-04-02T12:55:00Z
2
value 0.01251
scoring_system epss
scoring_elements 0.7932
published_at 2026-04-04T12:55:00Z
3
value 0.01251
scoring_system epss
scoring_elements 0.79306
published_at 2026-04-07T12:55:00Z
4
value 0.01251
scoring_system epss
scoring_elements 0.79331
published_at 2026-04-08T12:55:00Z
5
value 0.01251
scoring_system epss
scoring_elements 0.79289
published_at 2026-04-01T12:55:00Z
6
value 0.01251
scoring_system epss
scoring_elements 0.79365
published_at 2026-04-11T12:55:00Z
7
value 0.01251
scoring_system epss
scoring_elements 0.79349
published_at 2026-04-12T12:55:00Z
8
value 0.01251
scoring_system epss
scoring_elements 0.79339
published_at 2026-04-13T12:55:00Z
9
value 0.01251
scoring_system epss
scoring_elements 0.79366
published_at 2026-04-16T12:55:00Z
10
value 0.01251
scoring_system epss
scoring_elements 0.79361
published_at 2026-04-18T12:55:00Z
11
value 0.01251
scoring_system epss
scoring_elements 0.79341
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9597
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9597
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9597
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securityfocus.com/bid/98567
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/98567
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1408305
reference_id 1408305
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1408305
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9597
reference_id CVE-2016-9597
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-9597
fixed_packages
0
url pkg:deb/debian/libxml2@0?distro=trixie
purl pkg:deb/debian/libxml2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2016-9597
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4gyr-nwyy-qfeq
1
url VCID-8pzj-mq5r-rqcq
vulnerability_id VCID-8pzj-mq5r-rqcq
summary 
Loop with Unreachable Exit Condition ('Infinite Loop')
The xz_decomp function in xzlib.c in libxml2, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9251.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9251.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-9251
reference_id
reference_type
scores
0
value 0.00772
scoring_system epss
scoring_elements 0.735
published_at 2026-04-01T12:55:00Z
1
value 0.00772
scoring_system epss
scoring_elements 0.73597
published_at 2026-04-21T12:55:00Z
2
value 0.00772
scoring_system epss
scoring_elements 0.73551
published_at 2026-04-13T12:55:00Z
3
value 0.00772
scoring_system epss
scoring_elements 0.73595
published_at 2026-04-16T12:55:00Z
4
value 0.00772
scoring_system epss
scoring_elements 0.73604
published_at 2026-04-18T12:55:00Z
5
value 0.00772
scoring_system epss
scoring_elements 0.73509
published_at 2026-04-02T12:55:00Z
6
value 0.00772
scoring_system epss
scoring_elements 0.73531
published_at 2026-04-04T12:55:00Z
7
value 0.00772
scoring_system epss
scoring_elements 0.73503
published_at 2026-04-07T12:55:00Z
8
value 0.00772
scoring_system epss
scoring_elements 0.73539
published_at 2026-04-08T12:55:00Z
9
value 0.00772
scoring_system epss
scoring_elements 0.73553
published_at 2026-04-09T12:55:00Z
10
value 0.00772
scoring_system epss
scoring_elements 0.73576
published_at 2026-04-11T12:55:00Z
11
value 0.00772
scoring_system epss
scoring_elements 0.73559
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-9251
2
reference_url https://bugzilla.gnome.org/show_bug.cgi?id=794914
reference_id
reference_type
scores
url https://bugzilla.gnome.org/show_bug.cgi?id=794914
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1565318
reference_id 1565318
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1565318
6
reference_url https://security.archlinux.org/ASA-201810-3
reference_id ASA-201810-3
reference_type
scores
url https://security.archlinux.org/ASA-201810-3
7
reference_url https://security.archlinux.org/ASA-201810-4
reference_id ASA-201810-4
reference_type
scores
url https://security.archlinux.org/ASA-201810-4
8
reference_url https://security.archlinux.org/AVG-672
reference_id AVG-672
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-672
9
reference_url https://security.archlinux.org/AVG-673
reference_id AVG-673
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-673
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-9251
reference_id CVE-2018-9251
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-9251
11
reference_url https://access.redhat.com/errata/RHSA-2020:1827
reference_id RHSA-2020:1827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1827
fixed_packages
0
url pkg:deb/debian/libxml2@0?distro=trixie
purl pkg:deb/debian/libxml2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2018-9251
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8pzj-mq5r-rqcq
2
url VCID-a28u-yu15-3qa6
vulnerability_id VCID-a28u-yu15-3qa6
summary 
Use After Free
Multiple use-after-free vulnerabilities in libxml2 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-04/msg00109.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-04/msg00109.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-06/msg00081.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-06/msg00081.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1969.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1969.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1969
reference_id
reference_type
scores
0
value 0.00954
scoring_system epss
scoring_elements 0.76445
published_at 2026-04-21T12:55:00Z
1
value 0.00954
scoring_system epss
scoring_elements 0.76355
published_at 2026-04-01T12:55:00Z
2
value 0.00954
scoring_system epss
scoring_elements 0.76358
published_at 2026-04-02T12:55:00Z
3
value 0.00954
scoring_system epss
scoring_elements 0.76388
published_at 2026-04-04T12:55:00Z
4
value 0.00954
scoring_system epss
scoring_elements 0.7637
published_at 2026-04-07T12:55:00Z
5
value 0.00954
scoring_system epss
scoring_elements 0.76402
published_at 2026-04-08T12:55:00Z
6
value 0.00954
scoring_system epss
scoring_elements 0.76417
published_at 2026-04-09T12:55:00Z
7
value 0.00954
scoring_system epss
scoring_elements 0.76442
published_at 2026-04-11T12:55:00Z
8
value 0.00954
scoring_system epss
scoring_elements 0.7642
published_at 2026-04-12T12:55:00Z
9
value 0.00954
scoring_system epss
scoring_elements 0.76415
published_at 2026-04-13T12:55:00Z
10
value 0.00954
scoring_system epss
scoring_elements 0.76456
published_at 2026-04-16T12:55:00Z
11
value 0.00954
scoring_system epss
scoring_elements 0.7646
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1969
4
reference_url https://bugzilla.gnome.org/show_bug.cgi?id=690202
reference_id
reference_type
scores
url https://bugzilla.gnome.org/show_bug.cgi?id=690202
5
reference_url http://secunia.com/advisories/53061
reference_id
reference_type
scores
url http://secunia.com/advisories/53061
6
reference_url https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f
reference_id
reference_type
scores
url https://git.gnome.org/browse/libxml2/commit/?id=de0cc20c29cb3f056062925395e0f68d2250a46f
7
reference_url http://www.openwall.com/lists/oss-security/2013/04/17/4
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2013/04/17/4
8
reference_url http://www.openwall.com/lists/oss-security/2013/04/19/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2013/04/19/1
9
reference_url http://www.ubuntu.com/usn/USN-1817-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-1817-1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=953722
reference_id 953722
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=953722
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:xmlsoft:libxml2:2.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.0:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1969
reference_id CVE-2013-1969
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2013-1969
13
reference_url https://security.gentoo.org/glsa/201311-06
reference_id GLSA-201311-06
reference_type
scores
url https://security.gentoo.org/glsa/201311-06
14
reference_url https://security.gentoo.org/glsa/201412-11
reference_id GLSA-201412-11
reference_type
scores
url https://security.gentoo.org/glsa/201412-11
15
reference_url https://usn.ubuntu.com/1817-1/
reference_id USN-1817-1
reference_type
scores
url https://usn.ubuntu.com/1817-1/
fixed_packages
0
url pkg:deb/debian/libxml2@0?distro=trixie
purl pkg:deb/debian/libxml2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2013-1969
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a28u-yu15-3qa6
3
url VCID-b828-btkm-tufv
vulnerability_id VCID-b828-btkm-tufv
summary 
Uncontrolled Resource Consumption
libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9596.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9596.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9596
reference_id
reference_type
scores
0
value 0.00673
scoring_system epss
scoring_elements 0.71425
published_at 2026-04-21T12:55:00Z
1
value 0.00673
scoring_system epss
scoring_elements 0.71349
published_at 2026-04-07T12:55:00Z
2
value 0.00673
scoring_system epss
scoring_elements 0.71357
published_at 2026-04-02T12:55:00Z
3
value 0.00673
scoring_system epss
scoring_elements 0.71375
published_at 2026-04-04T12:55:00Z
4
value 0.00673
scoring_system epss
scoring_elements 0.7139
published_at 2026-04-08T12:55:00Z
5
value 0.00673
scoring_system epss
scoring_elements 0.71403
published_at 2026-04-09T12:55:00Z
6
value 0.00673
scoring_system epss
scoring_elements 0.71426
published_at 2026-04-11T12:55:00Z
7
value 0.00673
scoring_system epss
scoring_elements 0.71411
published_at 2026-04-12T12:55:00Z
8
value 0.00673
scoring_system epss
scoring_elements 0.71393
published_at 2026-04-13T12:55:00Z
9
value 0.00673
scoring_system epss
scoring_elements 0.71439
published_at 2026-04-16T12:55:00Z
10
value 0.00673
scoring_system epss
scoring_elements 0.71445
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9596
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1408302
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1408302
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9596
reference_id CVE-2016-9596
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-9596
fixed_packages
0
url pkg:deb/debian/libxml2@0?distro=trixie
purl pkg:deb/debian/libxml2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2016-9596
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b828-btkm-tufv
4
url VCID-bmv8-f7rb-43dc
vulnerability_id VCID-bmv8-f7rb-43dc
summary libxml2: XXE vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40896.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-40896.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-40896
reference_id
reference_type
scores
0
value 0.00553
scoring_system epss
scoring_elements 0.68083
published_at 2026-04-21T12:55:00Z
1
value 0.00553
scoring_system epss
scoring_elements 0.68099
published_at 2026-04-11T12:55:00Z
2
value 0.00553
scoring_system epss
scoring_elements 0.68085
published_at 2026-04-12T12:55:00Z
3
value 0.00553
scoring_system epss
scoring_elements 0.68051
published_at 2026-04-13T12:55:00Z
4
value 0.00553
scoring_system epss
scoring_elements 0.68088
published_at 2026-04-16T12:55:00Z
5
value 0.00553
scoring_system epss
scoring_elements 0.681
published_at 2026-04-18T12:55:00Z
6
value 0.00553
scoring_system epss
scoring_elements 0.68012
published_at 2026-04-02T12:55:00Z
7
value 0.00553
scoring_system epss
scoring_elements 0.68031
published_at 2026-04-04T12:55:00Z
8
value 0.00553
scoring_system epss
scoring_elements 0.68009
published_at 2026-04-07T12:55:00Z
9
value 0.00553
scoring_system epss
scoring_elements 0.6806
published_at 2026-04-08T12:55:00Z
10
value 0.00553
scoring_system epss
scoring_elements 0.68075
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-40896
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/commit/1a8932303969907f6572b1b6aac4081c56adb5c6
reference_id 1a8932303969907f6572b1b6aac4081c56adb5c6
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-24T02:10:22Z/
url https://gitlab.gnome.org/GNOME/libxml2/-/commit/1a8932303969907f6572b1b6aac4081c56adb5c6
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2333871
reference_id 2333871
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2333871
5
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/issues/761
reference_id 761
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-24T02:10:22Z/
url https://gitlab.gnome.org/GNOME/libxml2/-/issues/761
6
reference_url https://usn.ubuntu.com/7215-1/
reference_id USN-7215-1
reference_type
scores
url https://usn.ubuntu.com/7215-1/
fixed_packages
0
url pkg:deb/debian/libxml2@0?distro=trixie
purl pkg:deb/debian/libxml2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2024-40896
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bmv8-f7rb-43dc
5
url VCID-drf1-ktzv-a3dk
vulnerability_id VCID-drf1-ktzv-a3dk
summary libxml2: Libxml2 out of bounds read
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26434.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26434.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-26434
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.00391
published_at 2026-04-04T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00393
published_at 2026-04-21T12:55:00Z
2
value 6e-05
scoring_system epss
scoring_elements 0.00369
published_at 2026-04-18T12:55:00Z
3
value 6e-05
scoring_system epss
scoring_elements 0.00365
published_at 2026-04-16T12:55:00Z
4
value 6e-05
scoring_system epss
scoring_elements 0.0038
published_at 2026-04-07T12:55:00Z
5
value 6e-05
scoring_system epss
scoring_elements 0.00377
published_at 2026-04-09T12:55:00Z
6
value 6e-05
scoring_system epss
scoring_elements 0.00375
published_at 2026-04-11T12:55:00Z
7
value 6e-05
scoring_system epss
scoring_elements 0.00371
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-26434
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2393475
reference_id 2393475
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2393475
3
reference_url https://source.android.com/security/bulletin/android-16
reference_id android-16
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-05T16:44:27Z/
url https://source.android.com/security/bulletin/android-16
fixed_packages
0
url pkg:deb/debian/libxml2@0?distro=trixie
purl pkg:deb/debian/libxml2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2025-26434
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-drf1-ktzv-a3dk
6
url VCID-eqva-5dwq-d7cw
vulnerability_id VCID-eqva-5dwq-d7cw
summary libxml: Null pointer dereference leads to Denial of service (DoS)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49795.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49795.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-49795
reference_id
reference_type
scores
0
value 0.00153
scoring_system epss
scoring_elements 0.35945
published_at 2026-04-07T12:55:00Z
1
value 0.00153
scoring_system epss
scoring_elements 0.36079
published_at 2026-04-02T12:55:00Z
2
value 0.00153
scoring_system epss
scoring_elements 0.36109
published_at 2026-04-04T12:55:00Z
3
value 0.00153
scoring_system epss
scoring_elements 0.35994
published_at 2026-04-08T12:55:00Z
4
value 0.00153
scoring_system epss
scoring_elements 0.36017
published_at 2026-04-09T12:55:00Z
5
value 0.00153
scoring_system epss
scoring_elements 0.36024
published_at 2026-04-11T12:55:00Z
6
value 0.00555
scoring_system epss
scoring_elements 0.68122
published_at 2026-04-12T12:55:00Z
7
value 0.00555
scoring_system epss
scoring_elements 0.68089
published_at 2026-04-13T12:55:00Z
8
value 0.00566
scoring_system epss
scoring_elements 0.68511
published_at 2026-04-18T12:55:00Z
9
value 0.00566
scoring_system epss
scoring_elements 0.68497
published_at 2026-04-16T12:55:00Z
10
value 0.00834
scoring_system epss
scoring_elements 0.74639
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-49795
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2372379
reference_id 2372379
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:30:23Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2372379
4
reference_url https://gitlab.gnome.org/GNOME/libxml2/-/issues/932
reference_id 932
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:30:23Z/
url https://gitlab.gnome.org/GNOME/libxml2/-/issues/932
5
reference_url https://security.archlinux.org/AVG-2898
reference_id AVG-2898
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2898
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
reference_id cpe:/a:redhat:hummingbird:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1
reference_id cpe:/a:redhat:jboss_core_services:1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
13
reference_url https://access.redhat.com/security/cve/CVE-2025-49795
reference_id CVE-2025-49795
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:30:23Z/
url https://access.redhat.com/security/cve/CVE-2025-49795
14
reference_url https://access.redhat.com/errata/RHSA-2025:10630
reference_id RHSA-2025:10630
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:30:23Z/
url https://access.redhat.com/errata/RHSA-2025:10630
15
reference_url https://access.redhat.com/errata/RHSA-2025:19020
reference_id RHSA-2025:19020
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:30:23Z/
url https://access.redhat.com/errata/RHSA-2025:19020
16
reference_url https://access.redhat.com/errata/RHSA-2026:7519
reference_id RHSA-2026:7519
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:30:23Z/
url https://access.redhat.com/errata/RHSA-2026:7519
fixed_packages
0
url pkg:deb/debian/libxml2@0?distro=trixie
purl pkg:deb/debian/libxml2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2025-49795
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eqva-5dwq-d7cw
7
url VCID-gc1r-nauj-1fge
vulnerability_id VCID-gc1r-nauj-1fge
summary 
Out-of-bounds Read
libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted XML document. NOTE: this vulnerability exists because of a missing fix for CVE-2016-4483.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2486
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2486
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9598.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9598.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9598
reference_id
reference_type
scores
0
value 0.00673
scoring_system epss
scoring_elements 0.71349
published_at 2026-04-07T12:55:00Z
1
value 0.00673
scoring_system epss
scoring_elements 0.71357
published_at 2026-04-02T12:55:00Z
2
value 0.00673
scoring_system epss
scoring_elements 0.71375
published_at 2026-04-04T12:55:00Z
3
value 0.00673
scoring_system epss
scoring_elements 0.7139
published_at 2026-04-08T12:55:00Z
4
value 0.00673
scoring_system epss
scoring_elements 0.71403
published_at 2026-04-09T12:55:00Z
5
value 0.00673
scoring_system epss
scoring_elements 0.71426
published_at 2026-04-11T12:55:00Z
6
value 0.00673
scoring_system epss
scoring_elements 0.71411
published_at 2026-04-12T12:55:00Z
7
value 0.00673
scoring_system epss
scoring_elements 0.71393
published_at 2026-04-13T12:55:00Z
8
value 0.00673
scoring_system epss
scoring_elements 0.71439
published_at 2026-04-16T12:55:00Z
9
value 0.00673
scoring_system epss
scoring_elements 0.71445
published_at 2026-04-18T12:55:00Z
10
value 0.00673
scoring_system epss
scoring_elements 0.71425
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9598
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1408306
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1408306
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9598
reference_id CVE-2016-9598
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-9598
fixed_packages
0
url pkg:deb/debian/libxml2@0?distro=trixie
purl pkg:deb/debian/libxml2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2016-9598
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gc1r-nauj-1fge
8
url VCID-rbdy-dm61-jkdw
vulnerability_id VCID-rbdy-dm61-jkdw
summary 
Multiple vulnerabilities in libxml2 might lead to execution of arbitrary
    code or Denial of Service.
references
0
reference_url http://bugzilla.gnome.org/show_bug.cgi?id=554660
reference_id
reference_type
scores
url http://bugzilla.gnome.org/show_bug.cgi?id=554660
1
reference_url http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
2
reference_url http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
3
reference_url http://openwall.com/lists/oss-security/2008/10/02/4
reference_id
reference_type
scores
url http://openwall.com/lists/oss-security/2008/10/02/4
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4409.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4409.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-4409
reference_id
reference_type
scores
0
value 0.11297
scoring_system epss
scoring_elements 0.93559
published_at 2026-04-21T12:55:00Z
1
value 0.11297
scoring_system epss
scoring_elements 0.93494
published_at 2026-04-01T12:55:00Z
2
value 0.11297
scoring_system epss
scoring_elements 0.93503
published_at 2026-04-02T12:55:00Z
3
value 0.11297
scoring_system epss
scoring_elements 0.9351
published_at 2026-04-07T12:55:00Z
4
value 0.11297
scoring_system epss
scoring_elements 0.93518
published_at 2026-04-08T12:55:00Z
5
value 0.11297
scoring_system epss
scoring_elements 0.93521
published_at 2026-04-09T12:55:00Z
6
value 0.11297
scoring_system epss
scoring_elements 0.93527
published_at 2026-04-13T12:55:00Z
7
value 0.11297
scoring_system epss
scoring_elements 0.93526
published_at 2026-04-12T12:55:00Z
8
value 0.11297
scoring_system epss
scoring_elements 0.93546
published_at 2026-04-16T12:55:00Z
9
value 0.11297
scoring_system epss
scoring_elements 0.93551
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-4409
6
reference_url http://secunia.com/advisories/32130
reference_id
reference_type
scores
url http://secunia.com/advisories/32130
7
reference_url http://secunia.com/advisories/32175
reference_id
reference_type
scores
url http://secunia.com/advisories/32175
8
reference_url http://secunia.com/advisories/32974
reference_id
reference_type
scores
url http://secunia.com/advisories/32974
9
reference_url http://secunia.com/advisories/35379
reference_id
reference_type
scores
url http://secunia.com/advisories/35379
10
reference_url http://security.gentoo.org/glsa/glsa-200812-06.xml
reference_id
reference_type
scores
url http://security.gentoo.org/glsa/glsa-200812-06.xml
11
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/45633
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/45633
12
reference_url http://support.apple.com/kb/HT3613
reference_id
reference_type
scores
url http://support.apple.com/kb/HT3613
13
reference_url http://support.apple.com/kb/HT3639
reference_id
reference_type
scores
url http://support.apple.com/kb/HT3639
14
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00125.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00125.html
15
reference_url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00130.html
reference_id
reference_type
scores
url https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00130.html
16
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2008:212
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2008:212
17
reference_url http://www.securityfocus.com/bid/31555
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/31555
18
reference_url http://www.vupen.com/english/advisories/2009/1522
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2009/1522
19
reference_url http://www.vupen.com/english/advisories/2009/1621
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2009/1621
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=465756
reference_id 465756
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=465756
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2008-4409
reference_id CVE-2008-4409
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2008-4409
24
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/dos/32454.xml
reference_id CVE-2008-4409;OSVDB-48754
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/dos/32454.xml
25
reference_url https://www.securityfocus.com/bid/31555/info
reference_id CVE-2008-4409;OSVDB-48754
reference_type exploit
scores
url https://www.securityfocus.com/bid/31555/info
26
reference_url https://security.gentoo.org/glsa/200812-06
reference_id GLSA-200812-06
reference_type
scores
url https://security.gentoo.org/glsa/200812-06
fixed_packages
0
url pkg:deb/debian/libxml2@0?distro=trixie
purl pkg:deb/debian/libxml2@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2008-4409
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rbdy-dm61-jkdw
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie