Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libxml2@2.7.8.dfsg-1?distro=trixie

Type deb

Namespace debian

Name libxml2

Version 2.7.8.dfsg-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.7.8.dfsg-2

Latest_non_vulnerable_version 2.15.2+dfsg-0.1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-hz3p-4d8c-z7gm

vulnerability_id VCID-hz3p-4d8c-z7gm

summary

Improper Restriction of Operations within the Bounds of a Memory Buffer
libxml2, as used in Google Chrome, Apple Safari, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.

references

reference_url	http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/
reference_id
reference_type
scores
url	http://blog.bkis.com/en/libxml2-vulnerability-in-google-chrome-and-apple-safari/

reference_url	http://code.google.com/p/chromium/issues/detail?id=58731
reference_id
reference_type
scores
url	http://code.google.com/p/chromium/issues/detail?id=58731

reference_url	http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html
reference_id
reference_type
scores
url	http://googlechromereleases.blogspot.com/2010/11/stable-channel-update.html

reference_url	http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html

reference_url	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html

reference_url	http://mail.gnome.org/archives/xml/2010-November/msg00015.html
reference_id
reference_type
scores
url	http://mail.gnome.org/archives/xml/2010-November/msg00015.html

reference_url	http://marc.info/?l=bugtraq&m=130331363227777&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=130331363227777&w=2

reference_url	http://marc.info/?l=bugtraq&m=139447903326211&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=139447903326211&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0217.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0217.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4008.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4008.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-4008

reference_id

reference_type

scores

value	0.00756
scoring_system	epss
scoring_elements	0.73312
published_at	2026-04-18T12:55:00Z

value	0.00756
scoring_system	epss
scoring_elements	0.73209
published_at	2026-04-01T12:55:00Z

value	0.00756
scoring_system	epss
scoring_elements	0.73219
published_at	2026-04-02T12:55:00Z

value	0.00756
scoring_system	epss
scoring_elements	0.7324
published_at	2026-04-04T12:55:00Z

value	0.00756
scoring_system	epss
scoring_elements	0.73213
published_at	2026-04-07T12:55:00Z

value	0.00756
scoring_system	epss
scoring_elements	0.73249
published_at	2026-04-08T12:55:00Z

value	0.00756
scoring_system	epss
scoring_elements	0.73263
published_at	2026-04-09T12:55:00Z

value	0.00756
scoring_system	epss
scoring_elements	0.73288
published_at	2026-04-11T12:55:00Z

value	0.00756
scoring_system	epss
scoring_elements	0.73268
published_at	2026-04-12T12:55:00Z

value	0.00756
scoring_system	epss
scoring_elements	0.73261
published_at	2026-04-13T12:55:00Z

value	0.00756
scoring_system	epss
scoring_elements	0.73304
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-4008

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008

reference_url	http://secunia.com/advisories/40775
reference_id
reference_type
scores
url	http://secunia.com/advisories/40775

reference_url	http://secunia.com/advisories/42109
reference_id
reference_type
scores
url	http://secunia.com/advisories/42109

reference_url	http://secunia.com/advisories/42175
reference_id
reference_type
scores
url	http://secunia.com/advisories/42175

reference_url	http://secunia.com/advisories/42314
reference_id
reference_type
scores
url	http://secunia.com/advisories/42314

reference_url	http://secunia.com/advisories/42429
reference_id
reference_type
scores
url	http://secunia.com/advisories/42429

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12148

reference_url	http://support.apple.com/kb/HT4456
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT4456

reference_url	http://support.apple.com/kb/HT4554
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT4554

reference_url	http://support.apple.com/kb/HT4566
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT4566

reference_url	http://support.apple.com/kb/HT4581
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT4581

reference_url	http://www.debian.org/security/2010/dsa-2128
reference_id
reference_type
scores
url	http://www.debian.org/security/2010/dsa-2128

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:243
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:243

reference_url	http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html
reference_id
reference_type
scores
url	http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-1749.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-1749.html

reference_url	http://www.securityfocus.com/bid/44779
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/44779

reference_url	http://www.ubuntu.com/usn/USN-1016-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-1016-1

reference_url	http://www.vupen.com/english/advisories/2010/3046
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3046

reference_url	http://www.vupen.com/english/advisories/2010/3076
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3076

reference_url	http://www.vupen.com/english/advisories/2010/3100
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3100

reference_url	http://www.vupen.com/english/advisories/2011/0230
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0230

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602609
reference_id	602609
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602609

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=645341
reference_id	645341
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=645341

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice::::::::
reference_id	cpe:2.3:a:apache:openoffice::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes::::::::
reference_id	cpe:2.3:a:apple:itunes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
reference_id	cpe:2.3:a:apple:safari::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
reference_id	cpe:2.3:a:google:chrome::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2::::::::
reference_id	cpe:2.3:a:xmlsoft:libxml2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
reference_id	cpe:2.3:o:apple:iphone_os::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp3::::::
reference_id	cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:10:sp3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:-::::::
reference_id	cpe:2.3:o:suse:suse_linux_enterprise_server:11:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1::::::
reference_id	cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-4008

reference_id

CVE-2010-4008

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-4008

reference_url	https://security.gentoo.org/glsa/201110-26
reference_id	GLSA-201110-26
reference_type
scores
url	https://security.gentoo.org/glsa/201110-26

reference_url	https://access.redhat.com/errata/RHSA-2011:1749
reference_id	RHSA-2011:1749
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1749

reference_url	https://access.redhat.com/errata/RHSA-2012:0017
reference_id	RHSA-2012:0017
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0017

reference_url	https://access.redhat.com/errata/RHSA-2013:0217
reference_id	RHSA-2013:0217
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0217

reference_url	https://usn.ubuntu.com/1016-1/
reference_id	USN-1016-1
reference_type
scores
url	https://usn.ubuntu.com/1016-1/

fixed_packages

url	pkg:deb/debian/libxml2@2.7.8.dfsg-1?distro=trixie
purl	pkg:deb/debian/libxml2@2.7.8.dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-1%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

aliases CVE-2010-4008

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hz3p-4d8c-z7gm

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-1%3Fdistro=trixie

Package Instance