Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libxml2@2.7.8.dfsg-2?distro=trixie

Type deb

Namespace debian

Name libxml2

Version 2.7.8.dfsg-2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.7.8.dfsg-3

Latest_non_vulnerable_version 2.15.2+dfsg-0.1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-axc8-mw7j-7ufg

vulnerability_id VCID-axc8-mw7j-7ufg

summary

Double Free
Double free vulnerability in libxml2 and other versions, as used in Google Chrome and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

references

reference_url	http://code.google.com/p/chromium/issues/detail?id=63444
reference_id
reference_type
scores
url	http://code.google.com/p/chromium/issues/detail?id=63444

reference_url	http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html
reference_id
reference_type
scores
url	http://googlechromereleases.blogspot.com/2010/12/stable-beta-channel-updates.html

reference_url	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html

reference_url	http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html

reference_url	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055775.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

reference_url	http://marc.info/?l=bugtraq&m=139447903326211&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=139447903326211&w=2

reference_url	http://rhn.redhat.com/errata/RHSA-2013-0217.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2013-0217.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4494.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4494.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-4494

reference_id

reference_type

scores

value	0.01264
scoring_system	epss
scoring_elements	0.7953
published_at	2026-04-29T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79396
published_at	2026-04-01T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79403
published_at	2026-04-02T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79425
published_at	2026-04-04T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79412
published_at	2026-04-07T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.7944
published_at	2026-04-08T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79449
published_at	2026-04-09T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79471
published_at	2026-04-11T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79455
published_at	2026-04-12T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79444
published_at	2026-04-13T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79475
published_at	2026-04-16T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79473
published_at	2026-04-18T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79476
published_at	2026-04-21T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79508
published_at	2026-04-24T12:55:00Z

value	0.01264
scoring_system	epss
scoring_elements	0.79515
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-4494

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494

reference_url	http://secunia.com/advisories/40775
reference_id
reference_type
scores
url	http://secunia.com/advisories/40775

reference_url	http://secunia.com/advisories/42472
reference_id
reference_type
scores
url	http://secunia.com/advisories/42472

reference_url	http://secunia.com/advisories/42721
reference_id
reference_type
scores
url	http://secunia.com/advisories/42721

reference_url	http://secunia.com/advisories/42762
reference_id
reference_type
scores
url	http://secunia.com/advisories/42762

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11916
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11916

reference_url	http://support.apple.com/kb/HT4554
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT4554

reference_url	http://support.apple.com/kb/HT4564
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT4564

reference_url	http://support.apple.com/kb/HT4566
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT4566

reference_url	http://support.apple.com/kb/HT4581
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT4581

reference_url	http://www.debian.org/security/2010/dsa-2137
reference_id
reference_type
scores
url	http://www.debian.org/security/2010/dsa-2137

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:260
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:260

reference_url	http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html
reference_id
reference_type
scores
url	http://www.openoffice.org/security/cves/CVE-2010-4008_CVE-2010-4494.html

reference_url	http://www.redhat.com/support/errata/RHSA-2011-1749.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-1749.html

reference_url	http://www.vupen.com/english/advisories/2010/3319
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3319

reference_url	http://www.vupen.com/english/advisories/2010/3336
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2010/3336

reference_url	http://www.vupen.com/english/advisories/2011/0230
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0230

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607922
reference_id	607922
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607922

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=665963
reference_id	665963
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=665963

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice::::::::
reference_id	cpe:2.3:a:apache:openoffice::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes::::::::
reference_id	cpe:2.3:a:apple:itunes::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::
reference_id	cpe:2.3:a:apple:safari::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:safari::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::
reference_id	cpe:2.3:a:google:chrome::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:insight_control_server_deployment::::::::
reference_id	cpe:2.3:a:hp:insight_control_server_deployment::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:insight_control_server_deployment::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:rapid_deployment_pack::::::::
reference_id	cpe:2.3:a:hp:rapid_deployment_pack::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:rapid_deployment_pack::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2::::::::
reference_id	cpe:2.3:a:xmlsoft:libxml2::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
reference_id	cpe:2.3:o:apple:iphone_os::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:14:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1::::::
reference_id	cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp1::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-4494

reference_id

CVE-2010-4494

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-4494

reference_url	https://security.gentoo.org/glsa/201110-26
reference_id	GLSA-201110-26
reference_type
scores
url	https://security.gentoo.org/glsa/201110-26

reference_url	https://access.redhat.com/errata/RHSA-2011:1749
reference_id	RHSA-2011:1749
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:1749

reference_url	https://access.redhat.com/errata/RHSA-2013:0217
reference_id	RHSA-2013:0217
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0217

fixed_packages

url	pkg:deb/debian/libxml2@2.7.8.dfsg-2?distro=trixie
purl	pkg:deb/debian/libxml2@2.7.8.dfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-2%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

aliases CVE-2010-4494

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-axc8-mw7j-7ufg

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-2%3Fdistro=trixie

Package Instance