Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-b828-btkm-tufv

Summary

Uncontrolled Resource Consumption
libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627.

Aliases

alias	CVE-2016-9596

Fixed_packages

url	pkg:deb/debian/libxml2@0?distro=trixie
purl	pkg:deb/debian/libxml2@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

Affected_packages

url pkg:nuget/libxml2@2.7.8.2

purl pkg:nuget/libxml2@2.7.8.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2b1g-gp84-87e8

vulnerability	VCID-2j62-5rjn-vyeu

vulnerability	VCID-33n1-125n-63h6

vulnerability	VCID-3d1e-enaq-q3cx

vulnerability	VCID-4hws-gtxr-3bge

vulnerability	VCID-51f2-w9b7-9fb4

vulnerability	VCID-57yv-ay7b-v7ev

vulnerability	VCID-7h3p-7ej2-17f1

vulnerability	VCID-7rzw-9jj5-4ybk

vulnerability	VCID-8tej-h12t-2fag

vulnerability	VCID-9hqf-12yh-bkc8

vulnerability	VCID-9p2f-ynzb-r3gj

vulnerability	VCID-9q49-2srz-rkg7

vulnerability	VCID-aasn-u7fd-8bhy

vulnerability	VCID-ah8e-sxuu-jqcw

vulnerability	VCID-azzy-m5pc-qudn

vulnerability	VCID-b828-btkm-tufv

vulnerability	VCID-bejh-22y7-kuh6

vulnerability	VCID-bk98-bfkg-7bdt

vulnerability	VCID-cbm2-cez4-bqgh

vulnerability	VCID-cgfv-pps6-6khd

vulnerability	VCID-e9c3-5gws-u3fp

vulnerability	VCID-eb6k-ppfd-m7a3

vulnerability	VCID-ecde-c15q-ukh1

vulnerability	VCID-eebz-xjem-cygz

vulnerability	VCID-ek5d-m9pn-3fec

vulnerability	VCID-gc1r-nauj-1fge

vulnerability	VCID-ghaf-ynsg-uuea

vulnerability	VCID-gvmn-4dtv-8qcj

vulnerability	VCID-gxsm-qvkt-gygy

vulnerability	VCID-ked7-5tjg-nudx

vulnerability	VCID-netm-9gxh-3yh4

vulnerability	VCID-qtp3-a1g7-8kgw

vulnerability	VCID-r7q9-7u4b-83cz

vulnerability	VCID-rsvx-3f49-v3an

vulnerability	VCID-s3j9-1zq5-zkf5

vulnerability	VCID-s9r4-a3uz-4yhp

vulnerability	VCID-t9pa-yw9s-kqb9

vulnerability	VCID-tazr-2qgq-77fy

vulnerability	VCID-tn87-vke6-kuf6

vulnerability	VCID-tyk2-gq2c-bbcn

vulnerability	VCID-udew-3gre-13hy

vulnerability	VCID-ugyh-dycm-3bc3

vulnerability	VCID-vcq9-93xd-nfbe

vulnerability	VCID-vf7b-s3y3-sfhw

vulnerability	VCID-wc4g-sxyq-ubcd

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-wy5v-dsp3-a7aa

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.7.8.2

url pkg:nuget/libxml2@2.7.8.4

purl pkg:nuget/libxml2@2.7.8.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2b1g-gp84-87e8

vulnerability	VCID-2j62-5rjn-vyeu

vulnerability	VCID-33n1-125n-63h6

vulnerability	VCID-3d1e-enaq-q3cx

vulnerability	VCID-4hws-gtxr-3bge

vulnerability	VCID-51f2-w9b7-9fb4

vulnerability	VCID-57yv-ay7b-v7ev

vulnerability	VCID-7h3p-7ej2-17f1

vulnerability	VCID-7rzw-9jj5-4ybk

vulnerability	VCID-8tej-h12t-2fag

vulnerability	VCID-9hqf-12yh-bkc8

vulnerability	VCID-9p2f-ynzb-r3gj

vulnerability	VCID-9q49-2srz-rkg7

vulnerability	VCID-aasn-u7fd-8bhy

vulnerability	VCID-ah8e-sxuu-jqcw

vulnerability	VCID-azzy-m5pc-qudn

vulnerability	VCID-b828-btkm-tufv

vulnerability	VCID-bejh-22y7-kuh6

vulnerability	VCID-bk98-bfkg-7bdt

vulnerability	VCID-cbm2-cez4-bqgh

vulnerability	VCID-cgfv-pps6-6khd

vulnerability	VCID-e9c3-5gws-u3fp

vulnerability	VCID-eb6k-ppfd-m7a3

vulnerability	VCID-ecde-c15q-ukh1

vulnerability	VCID-eebz-xjem-cygz

vulnerability	VCID-ek5d-m9pn-3fec

vulnerability	VCID-gc1r-nauj-1fge

vulnerability	VCID-ghaf-ynsg-uuea

vulnerability	VCID-gvmn-4dtv-8qcj

vulnerability	VCID-gxsm-qvkt-gygy

vulnerability	VCID-ked7-5tjg-nudx

vulnerability	VCID-netm-9gxh-3yh4

vulnerability	VCID-qtp3-a1g7-8kgw

vulnerability	VCID-r7q9-7u4b-83cz

vulnerability	VCID-rsvx-3f49-v3an

vulnerability	VCID-s3j9-1zq5-zkf5

vulnerability	VCID-s9r4-a3uz-4yhp

vulnerability	VCID-t9pa-yw9s-kqb9

vulnerability	VCID-tazr-2qgq-77fy

vulnerability	VCID-tn87-vke6-kuf6

vulnerability	VCID-tyk2-gq2c-bbcn

vulnerability	VCID-udew-3gre-13hy

vulnerability	VCID-ugyh-dycm-3bc3

vulnerability	VCID-vcq9-93xd-nfbe

vulnerability	VCID-vf7b-s3y3-sfhw

vulnerability	VCID-wc4g-sxyq-ubcd

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-wy5v-dsp3-a7aa

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.7.8.4

url pkg:nuget/libxml2@2.7.8.5

purl pkg:nuget/libxml2@2.7.8.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2b1g-gp84-87e8

vulnerability	VCID-2j62-5rjn-vyeu

vulnerability	VCID-33n1-125n-63h6

vulnerability	VCID-3d1e-enaq-q3cx

vulnerability	VCID-4hws-gtxr-3bge

vulnerability	VCID-51f2-w9b7-9fb4

vulnerability	VCID-57yv-ay7b-v7ev

vulnerability	VCID-7h3p-7ej2-17f1

vulnerability	VCID-7rzw-9jj5-4ybk

vulnerability	VCID-8tej-h12t-2fag

vulnerability	VCID-9hqf-12yh-bkc8

vulnerability	VCID-9p2f-ynzb-r3gj

vulnerability	VCID-9q49-2srz-rkg7

vulnerability	VCID-aasn-u7fd-8bhy

vulnerability	VCID-ah8e-sxuu-jqcw

vulnerability	VCID-azzy-m5pc-qudn

vulnerability	VCID-b828-btkm-tufv

vulnerability	VCID-bejh-22y7-kuh6

vulnerability	VCID-bk98-bfkg-7bdt

vulnerability	VCID-cbm2-cez4-bqgh

vulnerability	VCID-cgfv-pps6-6khd

vulnerability	VCID-e9c3-5gws-u3fp

vulnerability	VCID-eb6k-ppfd-m7a3

vulnerability	VCID-ecde-c15q-ukh1

vulnerability	VCID-eebz-xjem-cygz

vulnerability	VCID-ek5d-m9pn-3fec

vulnerability	VCID-gc1r-nauj-1fge

vulnerability	VCID-ghaf-ynsg-uuea

vulnerability	VCID-gvmn-4dtv-8qcj

vulnerability	VCID-gxsm-qvkt-gygy

vulnerability	VCID-ked7-5tjg-nudx

vulnerability	VCID-netm-9gxh-3yh4

vulnerability	VCID-qtp3-a1g7-8kgw

vulnerability	VCID-r7q9-7u4b-83cz

vulnerability	VCID-rsvx-3f49-v3an

vulnerability	VCID-s3j9-1zq5-zkf5

vulnerability	VCID-s9r4-a3uz-4yhp

vulnerability	VCID-t9pa-yw9s-kqb9

vulnerability	VCID-tazr-2qgq-77fy

vulnerability	VCID-tn87-vke6-kuf6

vulnerability	VCID-tyk2-gq2c-bbcn

vulnerability	VCID-udew-3gre-13hy

vulnerability	VCID-ugyh-dycm-3bc3

vulnerability	VCID-vcq9-93xd-nfbe

vulnerability	VCID-vf7b-s3y3-sfhw

vulnerability	VCID-wc4g-sxyq-ubcd

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-wy5v-dsp3-a7aa

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.7.8.5

url pkg:nuget/libxml2@2.7.8.6

purl pkg:nuget/libxml2@2.7.8.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2b1g-gp84-87e8

vulnerability	VCID-2j62-5rjn-vyeu

vulnerability	VCID-33n1-125n-63h6

vulnerability	VCID-3d1e-enaq-q3cx

vulnerability	VCID-4hws-gtxr-3bge

vulnerability	VCID-51f2-w9b7-9fb4

vulnerability	VCID-57yv-ay7b-v7ev

vulnerability	VCID-7h3p-7ej2-17f1

vulnerability	VCID-7rzw-9jj5-4ybk

vulnerability	VCID-8tej-h12t-2fag

vulnerability	VCID-9hqf-12yh-bkc8

vulnerability	VCID-9p2f-ynzb-r3gj

vulnerability	VCID-9q49-2srz-rkg7

vulnerability	VCID-aasn-u7fd-8bhy

vulnerability	VCID-ah8e-sxuu-jqcw

vulnerability	VCID-azzy-m5pc-qudn

vulnerability	VCID-b828-btkm-tufv

vulnerability	VCID-bejh-22y7-kuh6

vulnerability	VCID-bk98-bfkg-7bdt

vulnerability	VCID-cbm2-cez4-bqgh

vulnerability	VCID-cgfv-pps6-6khd

vulnerability	VCID-e9c3-5gws-u3fp

vulnerability	VCID-eb6k-ppfd-m7a3

vulnerability	VCID-ecde-c15q-ukh1

vulnerability	VCID-eebz-xjem-cygz

vulnerability	VCID-ek5d-m9pn-3fec

vulnerability	VCID-gc1r-nauj-1fge

vulnerability	VCID-ghaf-ynsg-uuea

vulnerability	VCID-gvmn-4dtv-8qcj

vulnerability	VCID-gxsm-qvkt-gygy

vulnerability	VCID-ked7-5tjg-nudx

vulnerability	VCID-netm-9gxh-3yh4

vulnerability	VCID-qtp3-a1g7-8kgw

vulnerability	VCID-r7q9-7u4b-83cz

vulnerability	VCID-rsvx-3f49-v3an

vulnerability	VCID-s3j9-1zq5-zkf5

vulnerability	VCID-s9r4-a3uz-4yhp

vulnerability	VCID-t9pa-yw9s-kqb9

vulnerability	VCID-tazr-2qgq-77fy

vulnerability	VCID-tn87-vke6-kuf6

vulnerability	VCID-tyk2-gq2c-bbcn

vulnerability	VCID-udew-3gre-13hy

vulnerability	VCID-ugyh-dycm-3bc3

vulnerability	VCID-vcq9-93xd-nfbe

vulnerability	VCID-vf7b-s3y3-sfhw

vulnerability	VCID-wc4g-sxyq-ubcd

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-wy5v-dsp3-a7aa

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.7.8.6

url pkg:nuget/libxml2@2.7.8.7

purl pkg:nuget/libxml2@2.7.8.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2b1g-gp84-87e8

vulnerability	VCID-2j62-5rjn-vyeu

vulnerability	VCID-33n1-125n-63h6

vulnerability	VCID-3d1e-enaq-q3cx

vulnerability	VCID-4hws-gtxr-3bge

vulnerability	VCID-51f2-w9b7-9fb4

vulnerability	VCID-57yv-ay7b-v7ev

vulnerability	VCID-7h3p-7ej2-17f1

vulnerability	VCID-7rzw-9jj5-4ybk

vulnerability	VCID-8tej-h12t-2fag

vulnerability	VCID-9hqf-12yh-bkc8

vulnerability	VCID-9p2f-ynzb-r3gj

vulnerability	VCID-9q49-2srz-rkg7

vulnerability	VCID-aasn-u7fd-8bhy

vulnerability	VCID-ah8e-sxuu-jqcw

vulnerability	VCID-azzy-m5pc-qudn

vulnerability	VCID-b828-btkm-tufv

vulnerability	VCID-bejh-22y7-kuh6

vulnerability	VCID-bk98-bfkg-7bdt

vulnerability	VCID-cbm2-cez4-bqgh

vulnerability	VCID-cgfv-pps6-6khd

vulnerability	VCID-e9c3-5gws-u3fp

vulnerability	VCID-eb6k-ppfd-m7a3

vulnerability	VCID-ecde-c15q-ukh1

vulnerability	VCID-eebz-xjem-cygz

vulnerability	VCID-ek5d-m9pn-3fec

vulnerability	VCID-gc1r-nauj-1fge

vulnerability	VCID-ghaf-ynsg-uuea

vulnerability	VCID-gvmn-4dtv-8qcj

vulnerability	VCID-gxsm-qvkt-gygy

vulnerability	VCID-ked7-5tjg-nudx

vulnerability	VCID-netm-9gxh-3yh4

vulnerability	VCID-qtp3-a1g7-8kgw

vulnerability	VCID-r7q9-7u4b-83cz

vulnerability	VCID-rsvx-3f49-v3an

vulnerability	VCID-s3j9-1zq5-zkf5

vulnerability	VCID-s9r4-a3uz-4yhp

vulnerability	VCID-t9pa-yw9s-kqb9

vulnerability	VCID-tazr-2qgq-77fy

vulnerability	VCID-tn87-vke6-kuf6

vulnerability	VCID-tyk2-gq2c-bbcn

vulnerability	VCID-udew-3gre-13hy

vulnerability	VCID-ugyh-dycm-3bc3

vulnerability	VCID-vcq9-93xd-nfbe

vulnerability	VCID-vf7b-s3y3-sfhw

vulnerability	VCID-wc4g-sxyq-ubcd

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-wy5v-dsp3-a7aa

resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.7.8.7

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9596.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9596.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9596

reference_id

reference_type

scores

value	0.00673
scoring_system	epss
scoring_elements	0.71393
published_at	2026-04-13T12:55:00Z

value	0.00673
scoring_system	epss
scoring_elements	0.71349
published_at	2026-04-07T12:55:00Z

value	0.00673
scoring_system	epss
scoring_elements	0.71357
published_at	2026-04-02T12:55:00Z

value	0.00673
scoring_system	epss
scoring_elements	0.71375
published_at	2026-04-04T12:55:00Z

value	0.00673
scoring_system	epss
scoring_elements	0.7139
published_at	2026-04-08T12:55:00Z

value	0.00673
scoring_system	epss
scoring_elements	0.71403
published_at	2026-04-09T12:55:00Z

value	0.00673
scoring_system	epss
scoring_elements	0.71426
published_at	2026-04-11T12:55:00Z

value	0.00673
scoring_system	epss
scoring_elements	0.71411
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9596

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1408302
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1408302

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2016-9596
reference_id	CVE-2016-9596
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2016-9596

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	400
name	Uncontrolled Resource Consumption
description	The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	674
name	Uncontrolled Recursion
description	The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack.

Exploits

Severity_range_score 4.3 - 4.3

Exploitability 0.5

Weighted_severity 2.1

Risk_score 1.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b828-btkm-tufv

Vulnerability Instance