Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
Typedeb
Namespacedebian
Namelibxml2
Version2.9.4+dfsg1-3.1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.9.4+dfsg1-5.1
Latest_non_vulnerable_version2.15.2+dfsg-0.1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4hws-gtxr-3bge
vulnerability_id VCID-4hws-gtxr-3bge
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7376.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7376.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7376
reference_id
reference_type
scores
0
value 0.38432
scoring_system epss
scoring_elements 0.97211
published_at 2026-04-01T12:55:00Z
1
value 0.38432
scoring_system epss
scoring_elements 0.97251
published_at 2026-04-21T12:55:00Z
2
value 0.38432
scoring_system epss
scoring_elements 0.97247
published_at 2026-04-16T12:55:00Z
3
value 0.38432
scoring_system epss
scoring_elements 0.97249
published_at 2026-04-18T12:55:00Z
4
value 0.38432
scoring_system epss
scoring_elements 0.97216
published_at 2026-04-02T12:55:00Z
5
value 0.38432
scoring_system epss
scoring_elements 0.97222
published_at 2026-04-04T12:55:00Z
6
value 0.38432
scoring_system epss
scoring_elements 0.97223
published_at 2026-04-07T12:55:00Z
7
value 0.38432
scoring_system epss
scoring_elements 0.97233
published_at 2026-04-08T12:55:00Z
8
value 0.38432
scoring_system epss
scoring_elements 0.97234
published_at 2026-04-09T12:55:00Z
9
value 0.38432
scoring_system epss
scoring_elements 0.97237
published_at 2026-04-11T12:55:00Z
10
value 0.38432
scoring_system epss
scoring_elements 0.97238
published_at 2026-04-12T12:55:00Z
11
value 0.38432
scoring_system epss
scoring_elements 0.97239
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7376
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:N/A:P
1
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1462216
reference_id 1462216
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1462216
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870865
reference_id 870865
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870865
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7376
reference_id CVE-2017-7376
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-7376
13
reference_url https://usn.ubuntu.com/3424-1/
reference_id USN-3424-1
reference_type
scores
url https://usn.ubuntu.com/3424-1/
14
reference_url https://usn.ubuntu.com/3424-2/
reference_id USN-3424-2
reference_type
scores
url https://usn.ubuntu.com/3424-2/
fixed_packages
0
url pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
purl pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-3.1%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2017-7376
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4hws-gtxr-3bge
1
url VCID-8tej-h12t-2fag
vulnerability_id VCID-8tej-h12t-2fag
summary 
Improper Restriction of XML External Entity Reference
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7375.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7375.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7375
reference_id
reference_type
scores
0
value 0.00255
scoring_system epss
scoring_elements 0.48829
published_at 2026-04-21T12:55:00Z
1
value 0.00255
scoring_system epss
scoring_elements 0.48754
published_at 2026-04-01T12:55:00Z
2
value 0.00255
scoring_system epss
scoring_elements 0.48793
published_at 2026-04-02T12:55:00Z
3
value 0.00255
scoring_system epss
scoring_elements 0.48818
published_at 2026-04-04T12:55:00Z
4
value 0.00255
scoring_system epss
scoring_elements 0.48773
published_at 2026-04-07T12:55:00Z
5
value 0.00255
scoring_system epss
scoring_elements 0.48827
published_at 2026-04-08T12:55:00Z
6
value 0.00255
scoring_system epss
scoring_elements 0.48824
published_at 2026-04-09T12:55:00Z
7
value 0.00255
scoring_system epss
scoring_elements 0.48841
published_at 2026-04-11T12:55:00Z
8
value 0.00255
scoring_system epss
scoring_elements 0.48815
published_at 2026-04-12T12:55:00Z
9
value 0.00255
scoring_system epss
scoring_elements 0.48823
published_at 2026-04-13T12:55:00Z
10
value 0.00255
scoring_system epss
scoring_elements 0.48873
published_at 2026-04-16T12:55:00Z
11
value 0.00255
scoring_system epss
scoring_elements 0.48869
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7375
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1462203
reference_id 1462203
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1462203
11
reference_url https://source.android.com/security/bulletin/2017-06-01
reference_id 2017-06-01
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url https://source.android.com/security/bulletin/2017-06-01
12
reference_url https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa
reference_id 308396a55280f69ad4112d4f9892f4cbeff042aa
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870867
reference_id 870867
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870867
14
reference_url http://www.securityfocus.com/bid/98877
reference_id 98877
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url http://www.securityfocus.com/bid/98877
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7375
reference_id CVE-2017-7375
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-7375
16
reference_url https://www.debian.org/security/2017/dsa-3952
reference_id dsa-3952
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url https://www.debian.org/security/2017/dsa-3952
17
reference_url https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e
reference_id ?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/
url https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e
18
reference_url https://usn.ubuntu.com/3424-1/
reference_id USN-3424-1
reference_type
scores
url https://usn.ubuntu.com/3424-1/
19
reference_url https://usn.ubuntu.com/3424-2/
reference_id USN-3424-2
reference_type
scores
url https://usn.ubuntu.com/3424-2/
fixed_packages
0
url pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
purl pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-3.1%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2017-7375
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8tej-h12t-2fag
2
url VCID-gvmn-4dtv-8qcj
vulnerability_id VCID-gvmn-4dtv-8qcj
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
parser.c in libxml2 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16931.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16931.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-16931
reference_id
reference_type
scores
0
value 0.0165
scoring_system epss
scoring_elements 0.81939
published_at 2026-04-01T12:55:00Z
1
value 0.0165
scoring_system epss
scoring_elements 0.82043
published_at 2026-04-21T12:55:00Z
2
value 0.0165
scoring_system epss
scoring_elements 0.82012
published_at 2026-04-12T12:55:00Z
3
value 0.0165
scoring_system epss
scoring_elements 0.82006
published_at 2026-04-13T12:55:00Z
4
value 0.0165
scoring_system epss
scoring_elements 0.82042
published_at 2026-04-18T12:55:00Z
5
value 0.0165
scoring_system epss
scoring_elements 0.8195
published_at 2026-04-02T12:55:00Z
6
value 0.0165
scoring_system epss
scoring_elements 0.81973
published_at 2026-04-04T12:55:00Z
7
value 0.0165
scoring_system epss
scoring_elements 0.81969
published_at 2026-04-07T12:55:00Z
8
value 0.0165
scoring_system epss
scoring_elements 0.81996
published_at 2026-04-08T12:55:00Z
9
value 0.0165
scoring_system epss
scoring_elements 0.82004
published_at 2026-04-09T12:55:00Z
10
value 0.0165
scoring_system epss
scoring_elements 0.82023
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-16931
2
reference_url https://bugzilla.gnome.org/show_bug.cgi?id=766956
reference_id
reference_type
scores
url https://bugzilla.gnome.org/show_bug.cgi?id=766956
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/GNOME/libxml2/commit/e26630548e7d138d2c560844c43820b6767251e3
reference_id
reference_type
scores
url https://github.com/GNOME/libxml2/commit/e26630548e7d138d2c560844c43820b6767251e3
6
reference_url https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html
7
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
url https://www.oracle.com//security-alerts/cpujul2021.html
8
reference_url http://xmlsoft.org/news.html
reference_id
reference_type
scores
url http://xmlsoft.org/news.html
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1517307
reference_id 1517307
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1517307
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-16931
reference_id CVE-2017-16931
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-16931
fixed_packages
0
url pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
purl pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-3.1%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2017-16931
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gvmn-4dtv-8qcj
3
url VCID-qqte-z1e6-xuh7
vulnerability_id VCID-qqte-z1e6-xuh7
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
A buffer overflow was discovered in libxml2 . The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlen(buf). If the content->type is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content->prefix is appended to buf (if it actually fits) whereupon (ii) content->name is written to the buffer. However, the check for whether the content->name actually fits also uses 'len' rather than the updated buffer length strlen(buf). This allows us to write about "size" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9047.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9047.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9047
reference_id
reference_type
scores
0
value 0.0266
scoring_system epss
scoring_elements 0.85803
published_at 2026-04-21T12:55:00Z
1
value 0.0266
scoring_system epss
scoring_elements 0.85779
published_at 2026-04-09T12:55:00Z
2
value 0.0266
scoring_system epss
scoring_elements 0.85793
published_at 2026-04-11T12:55:00Z
3
value 0.0266
scoring_system epss
scoring_elements 0.8579
published_at 2026-04-12T12:55:00Z
4
value 0.0266
scoring_system epss
scoring_elements 0.85787
published_at 2026-04-13T12:55:00Z
5
value 0.0266
scoring_system epss
scoring_elements 0.85805
published_at 2026-04-16T12:55:00Z
6
value 0.0266
scoring_system epss
scoring_elements 0.85809
published_at 2026-04-18T12:55:00Z
7
value 0.02891
scoring_system epss
scoring_elements 0.86261
published_at 2026-04-02T12:55:00Z
8
value 0.02891
scoring_system epss
scoring_elements 0.86278
published_at 2026-04-04T12:55:00Z
9
value 0.02891
scoring_system epss
scoring_elements 0.86279
published_at 2026-04-07T12:55:00Z
10
value 0.02891
scoring_system epss
scoring_elements 0.86298
published_at 2026-04-08T12:55:00Z
11
value 0.03032
scoring_system epss
scoring_elements 0.86594
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9047
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1452554
reference_id 1452554
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1452554
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863022
reference_id 863022
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863022
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-9047
reference_id CVE-2017-9047
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-9047
13
reference_url https://usn.ubuntu.com/3424-1/
reference_id USN-3424-1
reference_type
scores
url https://usn.ubuntu.com/3424-1/
14
reference_url https://usn.ubuntu.com/3424-2/
reference_id USN-3424-2
reference_type
scores
url https://usn.ubuntu.com/3424-2/
fixed_packages
0
url pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
purl pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-3.1%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2017-9047
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qqte-z1e6-xuh7
4
url VCID-qxwq-xwaw-nyak
vulnerability_id VCID-qxwq-xwaw-nyak
summary 
Multiple vulnerabilities have been found in libxml2, the worst of
    which could result in the execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0663.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0663.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-0663
reference_id
reference_type
scores
0
value 0.01042
scoring_system epss
scoring_elements 0.77393
published_at 2026-04-01T12:55:00Z
1
value 0.01042
scoring_system epss
scoring_elements 0.77479
published_at 2026-04-21T12:55:00Z
2
value 0.01042
scoring_system epss
scoring_elements 0.77488
published_at 2026-04-16T12:55:00Z
3
value 0.01042
scoring_system epss
scoring_elements 0.77486
published_at 2026-04-18T12:55:00Z
4
value 0.01042
scoring_system epss
scoring_elements 0.77399
published_at 2026-04-02T12:55:00Z
5
value 0.01042
scoring_system epss
scoring_elements 0.77426
published_at 2026-04-04T12:55:00Z
6
value 0.01042
scoring_system epss
scoring_elements 0.77405
published_at 2026-04-07T12:55:00Z
7
value 0.01042
scoring_system epss
scoring_elements 0.77436
published_at 2026-04-08T12:55:00Z
8
value 0.01042
scoring_system epss
scoring_elements 0.77445
published_at 2026-04-09T12:55:00Z
9
value 0.01042
scoring_system epss
scoring_elements 0.77471
published_at 2026-04-11T12:55:00Z
10
value 0.01042
scoring_system epss
scoring_elements 0.77451
published_at 2026-04-12T12:55:00Z
11
value 0.01042
scoring_system epss
scoring_elements 0.77448
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-0663
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1462225
reference_id 1462225
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1462225
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870870
reference_id 870870
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870870
12
reference_url https://usn.ubuntu.com/3424-1/
reference_id USN-3424-1
reference_type
scores
url https://usn.ubuntu.com/3424-1/
13
reference_url https://usn.ubuntu.com/3424-2/
reference_id USN-3424-2
reference_type
scores
url https://usn.ubuntu.com/3424-2/
fixed_packages
0
url pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
purl pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-3.1%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2017-0663
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxwq-xwaw-nyak
5
url VCID-rhgj-t5cp-wkbh
vulnerability_id VCID-rhgj-t5cp-wkbh
summary 
Improper Restriction of Operations within the Bounds of a Memory Buffer
libxml2 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9048.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9048.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9048
reference_id
reference_type
scores
0
value 0.00601
scoring_system epss
scoring_elements 0.69512
published_at 2026-04-21T12:55:00Z
1
value 0.00601
scoring_system epss
scoring_elements 0.69492
published_at 2026-04-09T12:55:00Z
2
value 0.00601
scoring_system epss
scoring_elements 0.69513
published_at 2026-04-11T12:55:00Z
3
value 0.00601
scoring_system epss
scoring_elements 0.69498
published_at 2026-04-12T12:55:00Z
4
value 0.00601
scoring_system epss
scoring_elements 0.69484
published_at 2026-04-13T12:55:00Z
5
value 0.00601
scoring_system epss
scoring_elements 0.69523
published_at 2026-04-16T12:55:00Z
6
value 0.00601
scoring_system epss
scoring_elements 0.69532
published_at 2026-04-18T12:55:00Z
7
value 0.00618
scoring_system epss
scoring_elements 0.69951
published_at 2026-04-08T12:55:00Z
8
value 0.00618
scoring_system epss
scoring_elements 0.69911
published_at 2026-04-02T12:55:00Z
9
value 0.00618
scoring_system epss
scoring_elements 0.69898
published_at 2026-04-01T12:55:00Z
10
value 0.00618
scoring_system epss
scoring_elements 0.69926
published_at 2026-04-04T12:55:00Z
11
value 0.00618
scoring_system epss
scoring_elements 0.69903
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9048
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1452549
reference_id 1452549
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1452549
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863021
reference_id 863021
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863021
12
reference_url http://www.securityfocus.com/bid/98556
reference_id 98556
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:40:41Z/
url http://www.securityfocus.com/bid/98556
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-9048
reference_id CVE-2017-9048
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-9048
14
reference_url https://usn.ubuntu.com/3424-1/
reference_id USN-3424-1
reference_type
scores
url https://usn.ubuntu.com/3424-1/
15
reference_url https://usn.ubuntu.com/3424-2/
reference_id USN-3424-2
reference_type
scores
url https://usn.ubuntu.com/3424-2/
fixed_packages
0
url pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
purl pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-3.1%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2017-9048
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rhgj-t5cp-wkbh
6
url VCID-ymhr-ads4-qqdp
vulnerability_id VCID-ymhr-ads4-qqdp
summary 
Out-of-bounds Read
libxml2 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9049.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9049.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9049
reference_id
reference_type
scores
0
value 0.00458
scoring_system epss
scoring_elements 0.63902
published_at 2026-04-01T12:55:00Z
1
value 0.00458
scoring_system epss
scoring_elements 0.64032
published_at 2026-04-18T12:55:00Z
2
value 0.00458
scoring_system epss
scoring_elements 0.63961
published_at 2026-04-02T12:55:00Z
3
value 0.00458
scoring_system epss
scoring_elements 0.63989
published_at 2026-04-04T12:55:00Z
4
value 0.00458
scoring_system epss
scoring_elements 0.63948
published_at 2026-04-07T12:55:00Z
5
value 0.00458
scoring_system epss
scoring_elements 0.63999
published_at 2026-04-08T12:55:00Z
6
value 0.00458
scoring_system epss
scoring_elements 0.64016
published_at 2026-04-09T12:55:00Z
7
value 0.00458
scoring_system epss
scoring_elements 0.64028
published_at 2026-04-11T12:55:00Z
8
value 0.00458
scoring_system epss
scoring_elements 0.64014
published_at 2026-04-12T12:55:00Z
9
value 0.00458
scoring_system epss
scoring_elements 0.63985
published_at 2026-04-13T12:55:00Z
10
value 0.00458
scoring_system epss
scoring_elements 0.6402
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9049
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1452556
reference_id 1452556
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1452556
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863019
reference_id 863019
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863019
12
reference_url http://www.securityfocus.com/bid/98601
reference_id 98601
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:20:28Z/
url http://www.securityfocus.com/bid/98601
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-9049
reference_id CVE-2017-9049
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-9049
14
reference_url https://usn.ubuntu.com/3424-1/
reference_id USN-3424-1
reference_type
scores
url https://usn.ubuntu.com/3424-1/
15
reference_url https://usn.ubuntu.com/3424-2/
reference_id USN-3424-2
reference_type
scores
url https://usn.ubuntu.com/3424-2/
fixed_packages
0
url pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
purl pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-3.1%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2017-9049
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ymhr-ads4-qqdp
7
url VCID-zm21-2pqq-3ker
vulnerability_id VCID-zm21-2pqq-3ker
summary 
Out-of-bounds Read
libxml2 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9050.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9050.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9050
reference_id
reference_type
scores
0
value 0.00313
scoring_system epss
scoring_elements 0.54487
published_at 2026-04-21T12:55:00Z
1
value 0.00313
scoring_system epss
scoring_elements 0.5451
published_at 2026-04-18T12:55:00Z
2
value 0.00313
scoring_system epss
scoring_elements 0.54507
published_at 2026-04-16T12:55:00Z
3
value 0.00313
scoring_system epss
scoring_elements 0.54468
published_at 2026-04-13T12:55:00Z
4
value 0.00313
scoring_system epss
scoring_elements 0.54489
published_at 2026-04-12T12:55:00Z
5
value 0.00313
scoring_system epss
scoring_elements 0.54506
published_at 2026-04-11T12:55:00Z
6
value 0.00313
scoring_system epss
scoring_elements 0.54494
published_at 2026-04-09T12:55:00Z
7
value 0.00313
scoring_system epss
scoring_elements 0.54448
published_at 2026-04-07T12:55:00Z
8
value 0.00313
scoring_system epss
scoring_elements 0.54378
published_at 2026-04-01T12:55:00Z
9
value 0.00313
scoring_system epss
scoring_elements 0.54457
published_at 2026-04-02T12:55:00Z
10
value 0.00313
scoring_system epss
scoring_elements 0.545
published_at 2026-04-08T12:55:00Z
11
value 0.00313
scoring_system epss
scoring_elements 0.54479
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9050
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/sparklemotion/nokogiri/issues/1673
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://github.com/sparklemotion/nokogiri/issues/1673
11
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
13
reference_url https://security.gentoo.org/glsa/201711-01
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/
url https://security.gentoo.org/glsa/201711-01
14
reference_url http://www.debian.org/security/2017/dsa-3952
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/
url http://www.debian.org/security/2017/dsa-3952
15
reference_url http://www.openwall.com/lists/oss-security/2017/05/15/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/
url http://www.openwall.com/lists/oss-security/2017/05/15/1
16
reference_url http://www.securityfocus.com/bid/98568
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/
url http://www.securityfocus.com/bid/98568
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1452553
reference_id 1452553
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1452553
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863018
reference_id 863018
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863018
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-9050
reference_id CVE-2017-9050
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-9050
20
reference_url https://github.com/advisories/GHSA-8c56-cpmw-89x7
reference_id GHSA-8c56-cpmw-89x7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8c56-cpmw-89x7
21
reference_url https://usn.ubuntu.com/3424-1/
reference_id USN-3424-1
reference_type
scores
url https://usn.ubuntu.com/3424-1/
22
reference_url https://usn.ubuntu.com/3424-2/
reference_id USN-3424-2
reference_type
scores
url https://usn.ubuntu.com/3424-2/
fixed_packages
0
url pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
purl pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-3.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-3.1%3Fdistro=trixie
1
url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie
3
url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-62bb-e8vk-7uh4
1
vulnerability VCID-d1ar-1945-sygd
2
vulnerability VCID-knx8-5fpz-zbgn
3
vulnerability VCID-nj3a-zqw9-6bga
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie
aliases CVE-2017-9050, GHSA-8c56-cpmw-89x7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zm21-2pqq-3ker
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-3.1%3Fdistro=trixie