Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-yx1j-ja6q-1qaf

Summary

Multiple vulnerabilities were discovered in libxslt, the worst of
    which may allow a remote attacker to execute arbitrary code.

Aliases

alias	CVE-2016-4738

Fixed_packages

url pkg:deb/debian/libxslt@1.1.28-2%2Bdeb8u3

purl pkg:deb/debian/libxslt@1.1.28-2%2Bdeb8u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.28-2%252Bdeb8u3

url	pkg:deb/debian/libxslt@1.1.29-2?distro=trixie
purl	pkg:deb/debian/libxslt@1.1.29-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2%3Fdistro=trixie

url pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

purl pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2

url pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-qpxw-q3mc-xfhz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-qpxw-q3mc-xfhz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-qpxw-q3mc-xfhz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie

purl pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uzdd-8m94-wubv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie

url	pkg:ebuild/dev-libs/libxslt@1.1.30
purl	pkg:ebuild/dev-libs/libxslt@1.1.30
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxslt@1.1.30

Affected_packages

url pkg:deb/debian/libxslt@1.0.16-0.2

purl pkg:deb/debian/libxslt@1.0.16-0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-8a69-3km5-nfgs

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-9jk3-t3bn-4fgg

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-e7am-z8tv-47hj

vulnerability	VCID-ht3y-d2qq-cyf2

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-tp6g-d1wh-ffba

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-x5dp-mdak-gker

vulnerability	VCID-yqpr-6kdc-hqbu

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zkk5-v65p-zfag

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.0.16-0.2

url pkg:deb/debian/libxslt@1.1.12-8

purl pkg:deb/debian/libxslt@1.1.12-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-8a69-3km5-nfgs

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-9jk3-t3bn-4fgg

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-e7am-z8tv-47hj

vulnerability	VCID-ht3y-d2qq-cyf2

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-tp6g-d1wh-ffba

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-x5dp-mdak-gker

vulnerability	VCID-yqpr-6kdc-hqbu

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zkk5-v65p-zfag

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.12-8

url pkg:deb/debian/libxslt@1.1.19-1

purl pkg:deb/debian/libxslt@1.1.19-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-8a69-3km5-nfgs

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-9jk3-t3bn-4fgg

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-e7am-z8tv-47hj

vulnerability	VCID-ht3y-d2qq-cyf2

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-tp6g-d1wh-ffba

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-x5dp-mdak-gker

vulnerability	VCID-yqpr-6kdc-hqbu

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zkk5-v65p-zfag

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.19-1

url pkg:deb/debian/libxslt@1.1.19-3

purl pkg:deb/debian/libxslt@1.1.19-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-8a69-3km5-nfgs

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-9jk3-t3bn-4fgg

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-e7am-z8tv-47hj

vulnerability	VCID-ht3y-d2qq-cyf2

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-tp6g-d1wh-ffba

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-x5dp-mdak-gker

vulnerability	VCID-yqpr-6kdc-hqbu

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zkk5-v65p-zfag

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.19-3

url pkg:deb/debian/libxslt@1.1.24-2

purl pkg:deb/debian/libxslt@1.1.24-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-8a69-3km5-nfgs

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-e7am-z8tv-47hj

vulnerability	VCID-ht3y-d2qq-cyf2

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-tp6g-d1wh-ffba

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-yqpr-6kdc-hqbu

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zkk5-v65p-zfag

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.24-2

url pkg:deb/debian/libxslt@1.1.26-6%2Bsqueeze3

purl pkg:deb/debian/libxslt@1.1.26-6%2Bsqueeze3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-8a69-3km5-nfgs

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-e7am-z8tv-47hj

vulnerability	VCID-ht3y-d2qq-cyf2

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-tp6g-d1wh-ffba

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-yqpr-6kdc-hqbu

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zkk5-v65p-zfag

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.26-6%252Bsqueeze3

url pkg:deb/debian/libxslt@1.1.26-14.1

purl pkg:deb/debian/libxslt@1.1.26-14.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.26-14.1

url pkg:deb/debian/libxslt@1.1.28-2

purl pkg:deb/debian/libxslt@1.1.28-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.28-2

url pkg:deb/debian/libxslt@1.1.28-2%2Bdeb8u3

purl pkg:deb/debian/libxslt@1.1.28-2%2Bdeb8u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.28-2%252Bdeb8u3

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4738.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4738.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-4738

reference_id

reference_type

scores

value	0.06117
scoring_system	epss
scoring_elements	0.90816
published_at	2026-04-16T12:55:00Z

value	0.06117
scoring_system	epss
scoring_elements	0.90785
published_at	2026-04-08T12:55:00Z

value	0.06117
scoring_system	epss
scoring_elements	0.90791
published_at	2026-04-09T12:55:00Z

value	0.06117
scoring_system	epss
scoring_elements	0.90799
published_at	2026-04-12T12:55:00Z

value	0.06117
scoring_system	epss
scoring_elements	0.90796
published_at	2026-04-13T12:55:00Z

value	0.06117
scoring_system	epss
scoring_elements	0.90774
published_at	2026-04-07T12:55:00Z

value	0.06274
scoring_system	epss
scoring_elements	0.90882
published_at	2026-04-02T12:55:00Z

value	0.06274
scoring_system	epss
scoring_elements	0.90891
published_at	2026-04-04T12:55:00Z

value	0.06274
scoring_system	epss
scoring_elements	0.90877
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-4738

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4738
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4738

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1388777
reference_id	1388777
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1388777

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842570
reference_id	842570
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842570

reference_url	https://security.gentoo.org/glsa/201804-01
reference_id	GLSA-201804-01
reference_type
scores
url	https://security.gentoo.org/glsa/201804-01

reference_url	https://usn.ubuntu.com/3271-1/
reference_id	USN-3271-1
reference_type
scores
url	https://usn.ubuntu.com/3271-1/

Weaknesses

cwe_id	122
name	Heap-based Buffer Overflow
description	A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Exploits

Severity_range_score 4.3 - 6.5

Exploitability 0.5

Weighted_severity 5.9

Risk_score 3.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yx1j-ja6q-1qaf

Vulnerability Instance