Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-b5tz-9s1v-pkg7
Vulnerability ID VCID-b5tz-9s1v-pkg7
Aliases CVE-2015-1819
GHSA-q7wx-62r7-j2x7
Summary Vulnerabilities in libxml2 and libxslt Several vulnerabilities were discovered in the libxml2 and libxslt libraries that this package gem depends on.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-399 Resource Management Errors
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-776 Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
System Score Found at
generic_textual MODERATE http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
generic_textual MODERATE http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
generic_textual MODERATE http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
generic_textual MODERATE http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
generic_textual MODERATE http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html
generic_textual MODERATE http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
generic_textual MODERATE http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2015-1419.html
generic_textual MODERATE http://rhn.redhat.com/errata/RHSA-2015-2550.html
epss 0.01944 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01944 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01944 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01944 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01944 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01944 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01944 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01944 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01944 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01944 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01944 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01944 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01997 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01997 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
epss 0.01997 https://api.first.org/data/v1/epss?cve=CVE-2015-1819
generic_textual MODERATE https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-q7wx-62r7-j2x7
generic_textual MODERATE https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-1819.yml
generic_textual MODERATE https://github.com/sparklemotion/nokogiri/issues/1374
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2015-1819
generic_textual MODERATE https://security.gentoo.org/glsa/201507-08
generic_textual MODERATE https://security.gentoo.org/glsa/201701-37
generic_textual MODERATE https://support.apple.com/HT206166
generic_textual MODERATE https://support.apple.com/HT206167
generic_textual MODERATE https://support.apple.com/HT206168
generic_textual MODERATE https://support.apple.com/HT206169
generic_textual MODERATE http://www.debian.org/security/2015/dsa-3430
generic_textual MODERATE http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
generic_textual MODERATE http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
generic_textual MODERATE http://www.ubuntu.com/usn/USN-2812-1
generic_textual MODERATE http://xmlsoft.org/news.html
Reference id Reference type URL
http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html
http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html
http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html
http://rhn.redhat.com/errata/RHSA-2015-1419.html
http://rhn.redhat.com/errata/RHSA-2015-2550.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1819.json
https://api.first.org/data/v1/epss?cve=CVE-2015-1819
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710
https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-1819.yml
https://github.com/sparklemotion/nokogiri/commit/8f3de6d88d0da11fb62a45daa61b85ce71b4af59
https://github.com/sparklemotion/nokogiri/issues/1374
https://github.com/sparklemotion/nokogiri/pull/1376
https://nvd.nist.gov/vuln/detail/CVE-2015-1819
https://security.gentoo.org/glsa/201507-08
https://support.apple.com/HT206166
https://support.apple.com/HT206167
https://support.apple.com/HT206168
https://support.apple.com/HT206169
http://www.debian.org/security/2015/dsa-3430
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.ubuntu.com/usn/USN-2812-1
http://xmlsoft.org/news.html
1211278 https://bugzilla.redhat.com/show_bug.cgi?id=1211278
782782 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782782
GHSA-q7wx-62r7-j2x7 https://github.com/advisories/GHSA-q7wx-62r7-j2x7
GLSA-201701-37 https://security.gentoo.org/glsa/201701-37
RHSA-2015:1419 https://access.redhat.com/errata/RHSA-2015:1419
RHSA-2015:2550 https://access.redhat.com/errata/RHSA-2015:2550
USN-2812-1 https://usn.ubuntu.com/2812-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.83402
EPSS Score 0.01944
Published At April 7, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:46:58.253211+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/nokogiri/CVE-2015-1819.yml 38.0.0