Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-5nmu-rws2-p7fg

Summary The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.

Aliases

alias	CVE-2015-3451

Fixed_packages

url pkg:deb/debian/libxml-libxml-perl@2.0001%2Bdfsg-1%2Bdeb7u1

purl pkg:deb/debian/libxml-libxml-perl@2.0001%2Bdfsg-1%2Bdeb7u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmu-rws2-p7fg

vulnerability	VCID-brs8-trgj-jbc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@2.0001%252Bdfsg-1%252Bdeb7u1

url pkg:deb/debian/libxml-libxml-perl@2.0116%2Bdfsg-1%2Bdeb8u2

purl pkg:deb/debian/libxml-libxml-perl@2.0116%2Bdfsg-1%2Bdeb8u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmu-rws2-p7fg

vulnerability	VCID-brs8-trgj-jbc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@2.0116%252Bdfsg-1%252Bdeb8u2

url	pkg:deb/debian/libxml-libxml-perl@2.0116%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/libxml-libxml-perl@2.0116%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@2.0116%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/libxml-libxml-perl@2.0128%2Bdfsg-1%2Bdeb9u1

purl pkg:deb/debian/libxml-libxml-perl@2.0128%2Bdfsg-1%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-brs8-trgj-jbc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@2.0128%252Bdfsg-1%252Bdeb9u1

url pkg:deb/debian/libxml-libxml-perl@2.0134%2Bdfsg-2?distro=trixie

purl pkg:deb/debian/libxml-libxml-perl@2.0134%2Bdfsg-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7dqx-gjdz-cug2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@2.0134%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/libxml-libxml-perl@2.0207%2Bdfsg%2Breally%2B2.0134-1?distro=trixie

purl pkg:deb/debian/libxml-libxml-perl@2.0207%2Bdfsg%2Breally%2B2.0134-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7dqx-gjdz-cug2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@2.0207%252Bdfsg%252Breally%252B2.0134-1%3Fdistro=trixie

url pkg:deb/debian/libxml-libxml-perl@2.0207%2Bdfsg%2Breally%2B2.0134-5?distro=trixie

purl pkg:deb/debian/libxml-libxml-perl@2.0207%2Bdfsg%2Breally%2B2.0134-5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7dqx-gjdz-cug2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@2.0207%252Bdfsg%252Breally%252B2.0134-5%3Fdistro=trixie

url	pkg:deb/debian/libxml-libxml-perl@2.0207%2Bdfsg%2Breally%2B2.0134-8?distro=trixie
purl	pkg:deb/debian/libxml-libxml-perl@2.0207%2Bdfsg%2Breally%2B2.0134-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@2.0207%252Bdfsg%252Breally%252B2.0134-8%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/libxml-libxml-perl@1.31-2

purl pkg:deb/debian/libxml-libxml-perl@1.31-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmu-rws2-p7fg

vulnerability	VCID-brs8-trgj-jbc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@1.31-2

url pkg:deb/debian/libxml-libxml-perl@1.58-0.3

purl pkg:deb/debian/libxml-libxml-perl@1.58-0.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmu-rws2-p7fg

vulnerability	VCID-brs8-trgj-jbc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@1.58-0.3

url pkg:deb/debian/libxml-libxml-perl@1.59-2

purl pkg:deb/debian/libxml-libxml-perl@1.59-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmu-rws2-p7fg

vulnerability	VCID-brs8-trgj-jbc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@1.59-2

url pkg:deb/debian/libxml-libxml-perl@1.66-1

purl pkg:deb/debian/libxml-libxml-perl@1.66-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmu-rws2-p7fg

vulnerability	VCID-brs8-trgj-jbc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@1.66-1

url pkg:deb/debian/libxml-libxml-perl@1.70.ds-1

purl pkg:deb/debian/libxml-libxml-perl@1.70.ds-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmu-rws2-p7fg

vulnerability	VCID-brs8-trgj-jbc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@1.70.ds-1

url pkg:deb/debian/libxml-libxml-perl@1.70.ds-1%2Bdeb6u1

purl pkg:deb/debian/libxml-libxml-perl@1.70.ds-1%2Bdeb6u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmu-rws2-p7fg

vulnerability	VCID-brs8-trgj-jbc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@1.70.ds-1%252Bdeb6u1

url pkg:deb/debian/libxml-libxml-perl@2.0001%2Bdfsg-1%2Bdeb7u1

purl pkg:deb/debian/libxml-libxml-perl@2.0001%2Bdfsg-1%2Bdeb7u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmu-rws2-p7fg

vulnerability	VCID-brs8-trgj-jbc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@2.0001%252Bdfsg-1%252Bdeb7u1

url pkg:deb/debian/libxml-libxml-perl@2.0116%2Bdfsg-1

purl pkg:deb/debian/libxml-libxml-perl@2.0116%2Bdfsg-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmu-rws2-p7fg

vulnerability	VCID-brs8-trgj-jbc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@2.0116%252Bdfsg-1

url pkg:deb/debian/libxml-libxml-perl@2.0116%2Bdfsg-1%2Bdeb8u2

purl pkg:deb/debian/libxml-libxml-perl@2.0116%2Bdfsg-1%2Bdeb8u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmu-rws2-p7fg

vulnerability	VCID-brs8-trgj-jbc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml-libxml-perl@2.0116%252Bdfsg-1%252Bdeb8u2

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3451.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3451.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-3451

reference_id

reference_type

scores

value	0.03365
scoring_system	epss
scoring_elements	0.87573
published_at	2026-06-04T12:55:00Z

value	0.03365
scoring_system	epss
scoring_elements	0.87594
published_at	2026-06-05T12:55:00Z

value	0.03365
scoring_system	epss
scoring_elements	0.87592
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-3451

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3451
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3451

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1216112
reference_id	1216112
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1216112

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783443
reference_id	783443
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783443

reference_url	https://usn.ubuntu.com/2592-1/
reference_id	USN-2592-1
reference_type
scores
url	https://usn.ubuntu.com/2592-1/

Weaknesses

cwe_id	611
name	Improper Restriction of XML External Entity Reference
description	The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Exploits

Severity_range_score null

Exploitability 0.5

Weighted_severity 0.0

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5nmu-rws2-p7fg

Vulnerability Instance