Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/50173?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50173?format=api", "vulnerability_id": "VCID-rbdy-dm61-jkdw", "summary": "Multiple vulnerabilities in libxml2 might lead to execution of arbitrary\n code or Denial of Service.", "aliases": [ { "alias": "CVE-2008-4409" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/929206?format=api", "purl": "pkg:deb/debian/libxml2@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/929198?format=api", "purl": "pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/929196?format=api", "purl": "pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/929200?format=api", "purl": "pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-62bb-e8vk-7uh4" }, { "vulnerability": "VCID-d1ar-1945-sygd" }, { "vulnerability": "VCID-knx8-5fpz-zbgn" }, { "vulnerability": "VCID-nj3a-zqw9-6bga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/929199?format=api", "purl": "pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/78156?format=api", "purl": "pkg:ebuild/dev-libs/libxml2@2.7.2-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.7.2-r1" } ], "affected_packages": [], "references": [ { "reference_url": "http://bugzilla.gnome.org/show_bug.cgi?id=554660", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugzilla.gnome.org/show_bug.cgi?id=554660" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "reference_url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "reference_url": "http://openwall.com/lists/oss-security/2008/10/02/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openwall.com/lists/oss-security/2008/10/02/4" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4409.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4409.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11297", "scoring_system": "epss", "scoring_elements": "0.93551", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.11297", "scoring_system": "epss", "scoring_elements": "0.93494", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11297", "scoring_system": "epss", "scoring_elements": "0.93503", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11297", "scoring_system": "epss", "scoring_elements": "0.9351", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11297", "scoring_system": "epss", "scoring_elements": "0.93518", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11297", "scoring_system": "epss", "scoring_elements": "0.93521", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11297", "scoring_system": "epss", "scoring_elements": "0.93527", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.11297", "scoring_system": "epss", "scoring_elements": "0.93526", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11297", "scoring_system": "epss", "scoring_elements": "0.93546", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4409" }, { "reference_url": "http://secunia.com/advisories/32130", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32130" }, { "reference_url": "http://secunia.com/advisories/32175", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32175" }, { "reference_url": "http://secunia.com/advisories/32974", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32974" }, { "reference_url": "http://secunia.com/advisories/35379", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35379" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200812-06.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200812-06.xml" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45633" }, { "reference_url": "http://support.apple.com/kb/HT3613", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3613" }, { "reference_url": "http://support.apple.com/kb/HT3639", "reference_id": "", "reference_type": "", "scores": [], "url": "http://support.apple.com/kb/HT3639" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00125.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00125.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00130.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00130.html" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:212", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:212" }, { "reference_url": "http://www.securityfocus.com/bid/31555", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31555" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1522", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/1621", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=465756", "reference_id": "465756", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=465756" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4409", "reference_id": "CVE-2008-4409", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4409" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/dos/32454.xml", "reference_id": "CVE-2008-4409;OSVDB-48754", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/dos/32454.xml" }, { "reference_url": "https://www.securityfocus.com/bid/31555/info", "reference_id": "CVE-2008-4409;OSVDB-48754", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/31555/info" }, { "reference_url": "https://security.gentoo.org/glsa/200812-06", "reference_id": "GLSA-200812-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200812-06" } ], "weaknesses": [ { "cwe_id": 835, "name": "Loop with Unreachable Exit Condition ('Infinite Loop')", "description": "The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop." }, { "cwe_id": 399, "name": "Resource Management Errors", "description": "Weaknesses in this category are related to improper management of system resources." } ], "exploits": [ { "date_added": "2008-10-02", "description": "libxml2 - Denial of Service", "required_action": null, "due_date": null, "notes": null, "known_ransomware_campaign_use": true, "source_date_published": "2008-10-02", "exploit_type": "dos", "platform": "unix", "source_date_updated": "2014-03-23", "data_source": "Exploit-DB", "source_url": "https://www.securityfocus.com/bid/31555/info" } ], "severity_range_score": "5.0 - 5.0", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rbdy-dm61-jkdw" }