{"url":"http://public2.vulnerablecode.io/api/packages/1035895?format=json","purl":"pkg:deb/debian/libxslt@1.1.28-2","type":"deb","namespace":"debian","name":"libxslt","version":"1.1.28-2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.1.35-1+deb12u4","latest_non_vulnerable_version":"1.1.35-1.2+deb13u3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84975?format=json","vulnerability_id":"VCID-28f2-6usv-zuc1","summary":"libxslt: Out-of-bounds read at xmlGetLineNoInternal()","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4609.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4609.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4609","reference_id":"","reference_type":"","scores":[{"value":"0.03604","scoring_system":"epss","scoring_elements":"0.87721","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03604","scoring_system":"epss","scoring_elements":"0.87793","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03604","scoring_system":"epss","scoring_elements":"0.87732","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03604","scoring_system":"epss","scoring_elements":"0.87745","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03604","scoring_system":"epss","scoring_elements":"0.87747","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03604","scoring_system":"epss","scoring_elements":"0.87768","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03604","scoring_system":"epss","scoring_elements":"0.87774","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03604","scoring_system":"epss","scoring_elements":"0.87785","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03604","scoring_system":"epss","scoring_elements":"0.8778","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03604","scoring_system":"epss","scoring_elements":"0.87778","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03604","scoring_system":"epss","scoring_elements":"0.87792","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90375","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90389","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.9032","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.9037","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90367","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90336","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90334","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90331","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90342","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90359","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4609"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4609","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4609"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/"},{"reference_url":"https://support.apple.com/HT206899","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206899"},{"reference_url":"https://support.apple.com/HT206901","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206901"},{"reference_url":"https://support.apple.com/HT206902","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206902"},{"reference_url":"https://support.apple.com/HT206903","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206903"},{"reference_url":"https://support.apple.com/HT206904","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206904"},{"reference_url":"https://support.apple.com/HT206905","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206905"},{"reference_url":"http://www.securityfocus.com/bid/91826","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91826"},{"reference_url":"http://www.securitytracker.com/id/1036348","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036348"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1714979","reference_id":"1714979","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1714979"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4609","reference_id":"CVE-2016-4609","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4609"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049500?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2"}],"aliases":["CVE-2016-4609"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-28f2-6usv-zuc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7898?format=json","vulnerability_id":"VCID-3f2w-tgya-x3cc","summary":"Upstream libxslt vulnerabilities\nThe `xsltAddTextString` function in `transform.c` in libxslt, as used by nokogiri, lacks a check for integer overflow during a size calculation, which allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0499.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0499.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5029.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5029.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5029","reference_id":"","reference_type":"","scores":[{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79363","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79323","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79305","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79287","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79267","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79254","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79237","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79231","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79196","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.792","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79182","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79197","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79173","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79165","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01232","scoring_system":"epss","scoring_elements":"0.79141","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01266","scoring_system":"epss","scoring_elements":"0.79416","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01266","scoring_system":"epss","scoring_elements":"0.79409","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01266","scoring_system":"epss","scoring_elements":"0.79438","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5029"},{"reference_url":"https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html","reference_id":"","reference_type":"","scores":[],"url":"https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html"},{"reference_url":"https://crbug.com/676623","reference_id":"","reference_type":"","scores":[],"url":"https://crbug.com/676623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5029","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5029"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5030","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5030"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5031","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5031"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5032","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5032"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5033","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5033"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5034","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5034"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5037","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5037"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5038","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5038"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5044","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5044"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5046","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5046"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.gnome.org/browse/libxslt/commit/?id=08ab2774b870de1c7b5a48693df75e8154addae5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.gnome.org/browse/libxslt/commit/?id=08ab2774b870de1c7b5a48693df75e8154addae5"},{"reference_url":"https://github.com/advisories/GHSA-pf6m-fxpq-fg8v","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pf6m-fxpq-fg8v"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-5029.yml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-5029.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1634","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":""},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1634"},{"reference_url":"https://ubuntu.com/security/CVE-2017-5029","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://ubuntu.com/security/CVE-2017-5029"},{"reference_url":"https://ubuntu.com/security/notices/USN-3271-1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://ubuntu.com/security/notices/USN-3271-1"},{"reference_url":"http://www.debian.org/security/2017/dsa-3810","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3810"},{"reference_url":"http://www.securityfocus.com/bid/96767","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96767"},{"reference_url":"http://www.securitytracker.com/id/1038157","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038157"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1431033","reference_id":"1431033","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1431033"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858546","reference_id":"858546","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858546"},{"reference_url":"https://security.archlinux.org/ASA-201703-4","reference_id":"ASA-201703-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-4"},{"reference_url":"https://security.archlinux.org/ASA-201703-5","reference_id":"ASA-201703-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201703-5"},{"reference_url":"https://security.archlinux.org/AVG-195","reference_id":"AVG-195","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-195"},{"reference_url":"https://security.archlinux.org/AVG-196","reference_id":"AVG-196","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-196"},{"reference_url":"https://security.archlinux.org/AVG-197","reference_id":"AVG-197","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-197"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxslt:1.1.29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5029","reference_id":"CVE-2017-5029","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5029"},{"reference_url":"https://security.gentoo.org/glsa/201804-01","reference_id":"GLSA-201804-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0499","reference_id":"RHSA-2017:0499","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0499"},{"reference_url":"https://usn.ubuntu.com/3236-1/","reference_id":"USN-3236-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3236-1/"},{"reference_url":"https://usn.ubuntu.com/3271-1/","reference_id":"USN-3271-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3271-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049500?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2"}],"aliases":["CVE-2017-5029","GHSA-pf6m-fxpq-fg8v"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3f2w-tgya-x3cc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84978?format=json","vulnerability_id":"VCID-5nuu-a7bc-jke4","summary":"libxslt: stack-based buffer overflow at exsltDateFormat()","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4608.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4608.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4608","reference_id":"","reference_type":"","scores":[{"value":"0.03375","scoring_system":"epss","scoring_elements":"0.8732","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03375","scoring_system":"epss","scoring_elements":"0.87388","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03375","scoring_system":"epss","scoring_elements":"0.87329","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03375","scoring_system":"epss","scoring_elements":"0.87345","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03375","scoring_system":"epss","scoring_elements":"0.87363","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03375","scoring_system":"epss","scoring_elements":"0.8737","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03375","scoring_system":"epss","scoring_elements":"0.87382","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03375","scoring_system":"epss","scoring_elements":"0.87377","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03375","scoring_system":"epss","scoring_elements":"0.87373","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03375","scoring_system":"epss","scoring_elements":"0.87391","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.88682","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.88706","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.88614","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.8863","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.88673","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.8867","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.88635","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.88634","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.88645","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.8866","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4608"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/"},{"reference_url":"https://support.apple.com/HT206899","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206899"},{"reference_url":"https://support.apple.com/HT206901","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206901"},{"reference_url":"https://support.apple.com/HT206902","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206902"},{"reference_url":"https://support.apple.com/HT206903","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206903"},{"reference_url":"https://support.apple.com/HT206904","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206904"},{"reference_url":"https://support.apple.com/HT206905","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206905"},{"reference_url":"http://www.securityfocus.com/bid/91826","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91826"},{"reference_url":"http://www.securitytracker.com/id/1036348","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036348"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1716454","reference_id":"1716454","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1716454"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4608","reference_id":"CVE-2016-4608","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4608"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049500?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2"}],"aliases":["CVE-2016-4608"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5nuu-a7bc-jke4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7413?format=json","vulnerability_id":"VCID-5uqv-dm9p-c7c6","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nnokogiri mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.","references":[{"reference_url":"http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html","reference_id":"","reference_type":"","scores":[],"url":"http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1683.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1683.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1683","reference_id":"","reference_type":"","scores":[{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.77043","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76993","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76801","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76805","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76834","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76815","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76846","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76857","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76885","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76865","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76859","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76903","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76908","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.769","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76931","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.7694","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76952","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76941","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76971","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76988","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.76976","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1683"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1340016","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1340016"},{"reference_url":"https://crbug.com/583156","reference_id":"","reference_type":"","scores":[],"url":"https://crbug.com/583156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695"},{"reference_url":"https://git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxslt/commit/?id=d182d8f6ba3071503d96ce17395c9d55871f0242"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/"},{"reference_url":"https://support.apple.com/HT206899","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206899"},{"reference_url":"https://support.apple.com/HT206901","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206901"},{"reference_url":"https://support.apple.com/HT206902","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206902"},{"reference_url":"https://support.apple.com/HT206903","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206903"},{"reference_url":"https://support.apple.com/HT206904","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206904"},{"reference_url":"https://support.apple.com/HT206905","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206905"},{"reference_url":"http://www.debian.org/security/2016/dsa-3590","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3590"},{"reference_url":"http://www.debian.org/security/2016/dsa-3605","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3605"},{"reference_url":"http://www.securityfocus.com/bid/90876","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/90876"},{"reference_url":"http://www.securityfocus.com/bid/91826","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91826"},{"reference_url":"http://www.securitytracker.com/id/1035981","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035981"},{"reference_url":"http://www.ubuntu.com/usn/USN-2992-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2992-1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1683","reference_id":"CVE-2016-1683","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1683"},{"reference_url":"https://security.gentoo.org/glsa/201607-07","reference_id":"GLSA-201607-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1190","reference_id":"RHSA-2016:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1190"},{"reference_url":"https://usn.ubuntu.com/2992-1/","reference_id":"USN-2992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2992-1/"},{"reference_url":"https://usn.ubuntu.com/3271-1/","reference_id":"USN-3271-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3271-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035896?format=json","purl":"pkg:deb/debian/libxslt@1.1.28-2%2Bdeb8u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-28f2-6usv-zuc1"},{"vulnerability":"VCID-3f2w-tgya-x3cc"},{"vulnerability":"VCID-5nuu-a7bc-jke4"},{"vulnerability":"VCID-5uqv-dm9p-c7c6"},{"vulnerability":"VCID-6ss1-s8fx-vqd7"},{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-bg26-kj9r-7bea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-krjm-wk6b-akgk"},{"vulnerability":"VCID-m4cf-2dcq-uyaj"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-yx1j-ja6q-1qaf"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.28-2%252Bdeb8u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1049500?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2"}],"aliases":["CVE-2016-1683"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5uqv-dm9p-c7c6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37402?format=json","vulnerability_id":"VCID-6ss1-s8fx-vqd7","summary":"Multiple vulnerabilities have been found in the Chromium web\n    browser, the worst of which allows remote attackers to execute arbitrary\n    code.","references":[{"reference_url":"http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html","reference_id":"","reference_type":"","scores":[],"url":"http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1684.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1684.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1684","reference_id":"","reference_type":"","scores":[{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75304","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75248","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75074","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75076","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75106","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75082","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75116","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75128","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.7515","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75154","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75161","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75189","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75193","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75197","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75206","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75234","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75258","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.7524","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1684"},{"reference_url":"https://crbug.com/583171","reference_id":"","reference_type":"","scores":[],"url":"https://crbug.com/583171"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695"},{"reference_url":"https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxslt/commit/?id=91d0540ac9beaa86719a05b749219a69baa0dd8d"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/"},{"reference_url":"https://support.apple.com/HT206899","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206899"},{"reference_url":"https://support.apple.com/HT206901","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206901"},{"reference_url":"https://support.apple.com/HT206902","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206902"},{"reference_url":"https://support.apple.com/HT206903","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206903"},{"reference_url":"https://support.apple.com/HT206904","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206904"},{"reference_url":"https://support.apple.com/HT206905","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206905"},{"reference_url":"http://www.debian.org/security/2016/dsa-3590","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3590"},{"reference_url":"http://www.debian.org/security/2016/dsa-3605","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3605"},{"reference_url":"http://www.securityfocus.com/bid/90876","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/90876"},{"reference_url":"http://www.securitytracker.com/id/1035981","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035981"},{"reference_url":"http://www.ubuntu.com/usn/USN-2992-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2992-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1340017","reference_id":"1340017","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1340017"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1684","reference_id":"CVE-2016-1684","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1684"},{"reference_url":"https://security.gentoo.org/glsa/201607-07","reference_id":"GLSA-201607-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1190","reference_id":"RHSA-2016:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1190"},{"reference_url":"https://usn.ubuntu.com/2992-1/","reference_id":"USN-2992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2992-1/"},{"reference_url":"https://usn.ubuntu.com/3271-1/","reference_id":"USN-3271-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3271-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035896?format=json","purl":"pkg:deb/debian/libxslt@1.1.28-2%2Bdeb8u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-28f2-6usv-zuc1"},{"vulnerability":"VCID-3f2w-tgya-x3cc"},{"vulnerability":"VCID-5nuu-a7bc-jke4"},{"vulnerability":"VCID-5uqv-dm9p-c7c6"},{"vulnerability":"VCID-6ss1-s8fx-vqd7"},{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-bg26-kj9r-7bea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-krjm-wk6b-akgk"},{"vulnerability":"VCID-m4cf-2dcq-uyaj"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-yx1j-ja6q-1qaf"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.28-2%252Bdeb8u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1049500?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2"}],"aliases":["CVE-2016-1684"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6ss1-s8fx-vqd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10824?format=json","vulnerability_id":"VCID-96v6-vs1m-skf3","summary":"Improper Input Validation\nIn `numbers.c` in libxslt, which is used by nokogiri, a type holding grouping characters of an `xsl:number` instruction was too narrow and an invalid character/length combination could be passed to `xsltNumberFormatDecimal`, leading to a read of uninitialized stack data.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13118.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13118.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13118","reference_id":"","reference_type":"","scores":[{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77195","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77207","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77186","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77101","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77103","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77093","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77157","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77149","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77128","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77135","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77259","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01008","scoring_system":"epss","scoring_elements":"0.77212","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01027","scoring_system":"epss","scoring_elements":"0.77245","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01027","scoring_system":"epss","scoring_elements":"0.77289","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01027","scoring_system":"epss","scoring_elements":"0.77292","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01027","scoring_system":"epss","scoring_elements":"0.77313","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01027","scoring_system":"epss","scoring_elements":"0.77285","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01027","scoring_system":"epss","scoring_elements":"0.77276","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01027","scoring_system":"epss","scoring_elements":"0.77263","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01027","scoring_system":"epss","scoring_elements":"0.77235","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01027","scoring_system":"epss","scoring_elements":"0.77228","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13118"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13118","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13118"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Aug/11","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Aug/11"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Aug/13","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Aug/13"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Aug/14","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Aug/14"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Aug/15","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Aug/15"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Jul/22","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Jul/22"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Jul/23","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Jul/23"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Jul/24","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Jul/24"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Jul/26","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Jul/26"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Jul/31","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Jul/31"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Jul/37","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Jul/37"},{"reference_url":"http://seclists.org/fulldisclosure/2019/Jul/38","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/Jul/38"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/sparklemotion/nokogiri/blob/f7aa3b0b29d6fe5fafe93dacd9b96b6b3d16b7ec/CHANGELOG.md?plain=1#L796","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/blob/f7aa3b0b29d6fe5fafe93dacd9b96b6b3d16b7ec/CHANGELOG.md?plain=1#L796"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/43a175339b47b8c604508813fc75b83f13cd173e","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/commit/43a175339b47b8c604508813fc75b83f13cd173e"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1943","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1943"},{"reference_url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.10.5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.10.5"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/"},{"reference_url":"https://oss-fuzz.com/testcase-detail/5197371471822848","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oss-fuzz.com/testcase-detail/5197371471822848"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/21","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/21"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/22","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/22"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/23","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/23"},{"reference_url":"https://seclists.org/bugtraq/2019/Aug/25","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Aug/25"},{"reference_url":"https://seclists.org/bugtraq/2019/Jul/35","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Jul/35"},{"reference_url":"https://seclists.org/bugtraq/2019/Jul/36","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Jul/36"},{"reference_url":"https://seclists.org/bugtraq/2019/Jul/37","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Jul/37"},{"reference_url":"https://seclists.org/bugtraq/2019/Jul/40","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Jul/40"},{"reference_url":"https://seclists.org/bugtraq/2019/Jul/41","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Jul/41"},{"reference_url":"https://seclists.org/bugtraq/2019/Jul/42","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/bugtraq/2019/Jul/42"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190806-0004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190806-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190806-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190806-0004/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200122-0003","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20200122-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200122-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200122-0003/"},{"reference_url":"https://support.apple.com/kb/HT210346","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT210346"},{"reference_url":"https://support.apple.com/kb/HT210348","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT210348"},{"reference_url":"https://support.apple.com/kb/HT210351","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT210351"},{"reference_url":"https://support.apple.com/kb/HT210353","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT210353"},{"reference_url":"https://support.apple.com/kb/HT210356","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT210356"},{"reference_url":"https://support.apple.com/kb/HT210357","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT210357"},{"reference_url":"https://support.apple.com/kb/HT210358","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT210358"},{"reference_url":"https://usn.ubuntu.com/4164-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4164-1"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/11/17/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/11/17/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728541","reference_id":"1728541","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728541"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931320","reference_id":"931320","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931320"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-13118","reference_id":"CVE-2019-13118","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-13118"},{"reference_url":"https://github.com/advisories/GHSA-cf46-6xxh-pc75","reference_id":"GHSA-cf46-6xxh-pc75","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cf46-6xxh-pc75"},{"reference_url":"https://usn.ubuntu.com/4164-1/","reference_id":"USN-4164-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4164-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1051222?format=json","purl":"pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1"}],"aliases":["CVE-2019-13118","GHSA-cf46-6xxh-pc75"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-96v6-vs1m-skf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68725?format=json","vulnerability_id":"VCID-aauj-xkdy-mbea","summary":"libxslt: Type confusion in xmlNode.psvi between stylesheet and source nodes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7424.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7424.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7424","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25167","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25157","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25125","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25066","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25205","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2666","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26665","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2662","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26562","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2661","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26542","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27858","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27686","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30199","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30152","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59101","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59113","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59158","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59141","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59212","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7424"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7424","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7424"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109123","reference_id":"1109123","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109123"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/139","reference_id":"139","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379228","reference_id":"2379228","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379228"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1","reference_id":"cpe:/a:redhat:hummingbird:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-7424","reference_id":"CVE-2025-7424","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-7424"},{"reference_url":"https://access.redhat.com/errata/RHBA-2025:12345","reference_id":"RHBA-2025:12345","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/"}],"url":"https://access.redhat.com/errata/RHBA-2025:12345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11015","reference_id":"RHSA-2026:11015","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11015"},{"reference_url":"https://usn.ubuntu.com/7945-1/","reference_id":"USN-7945-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7945-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995128?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3"}],"aliases":["CVE-2025-7424"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aauj-xkdy-mbea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84976?format=json","vulnerability_id":"VCID-bg26-kj9r-7bea","summary":"libxslt: Invalid memory access leading to DoS at exsltDynMapFunction()","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4610.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4610.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4610","reference_id":"","reference_type":"","scores":[{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90262","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90389","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90367","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90375","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90265","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90279","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90284","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90298","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90306","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90313","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90312","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90307","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90322","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.9032","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90336","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90334","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90331","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90342","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90359","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.9037","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4610"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4610","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4610"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/"},{"reference_url":"https://support.apple.com/HT206899","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206899"},{"reference_url":"https://support.apple.com/HT206901","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206901"},{"reference_url":"https://support.apple.com/HT206902","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206902"},{"reference_url":"https://support.apple.com/HT206903","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206903"},{"reference_url":"https://support.apple.com/HT206904","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206904"},{"reference_url":"https://support.apple.com/HT206905","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206905"},{"reference_url":"http://www.securityfocus.com/bid/91826","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91826"},{"reference_url":"http://www.securitytracker.com/id/1036348","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036348"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1716448","reference_id":"1716448","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1716448"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:icloud:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4610","reference_id":"CVE-2016-4610","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4610"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049500?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2"}],"aliases":["CVE-2016-4610"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bg26-kj9r-7bea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70781?format=json","vulnerability_id":"VCID-jaep-1ut3-9qan","summary":"libxslt: Use-After-Free in libxslt numbers.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24855","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15193","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15404","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15187","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15473","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15277","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15365","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15415","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15377","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15272","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15337","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24911","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24827","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24889","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24814","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24834","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2493","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24918","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24873","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24753","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25296","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566","reference_id":"1100566","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2352483","reference_id":"2352483","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2352483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3107","reference_id":"RHSA-2025:3107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3389","reference_id":"RHSA-2025:3389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3528","reference_id":"RHSA-2025:3528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3615","reference_id":"RHSA-2025:3615","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3615"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3619","reference_id":"RHSA-2025:3619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3624","reference_id":"RHSA-2025:3624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3625","reference_id":"RHSA-2025:3625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3626","reference_id":"RHSA-2025:3626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3627","reference_id":"RHSA-2025:3627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4098","reference_id":"RHSA-2025:4098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4422","reference_id":"RHSA-2025:4422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4427","reference_id":"RHSA-2025:4427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4431","reference_id":"RHSA-2025:4431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4677","reference_id":"RHSA-2025:4677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4731","reference_id":"RHSA-2025:4731","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7496","reference_id":"RHSA-2025:7496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7702","reference_id":"RHSA-2025:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8303","reference_id":"RHSA-2025:8303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8303"},{"reference_url":"https://usn.ubuntu.com/7361-1/","reference_id":"USN-7361-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7361-1/"},{"reference_url":"https://usn.ubuntu.com/7787-1/","reference_id":"USN-7787-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7787-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995128?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3"}],"aliases":["CVE-2025-24855"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jaep-1ut3-9qan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81073?format=json","vulnerability_id":"VCID-krjm-wk6b-akgk","summary":"security update","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00123.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00123.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7995.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7995.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7995","reference_id":"","reference_type":"","scores":[{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80403","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80311","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80334","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80351","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80346","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80362","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80179","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80206","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80215","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80235","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.8022","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80243","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80245","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80248","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80274","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80281","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0137","scoring_system":"epss","scoring_elements":"0.80297","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01408","scoring_system":"epss","scoring_elements":"0.80435","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01408","scoring_system":"epss","scoring_elements":"0.80456","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01408","scoring_system":"epss","scoring_elements":"0.80429","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"},{"reference_url":"https://puppet.com/security/cve/cve-2015-7995","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/cve-2015-7995"},{"reference_url":"https://support.apple.com/HT205729","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT205729"},{"reference_url":"https://support.apple.com/HT205731","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT205731"},{"reference_url":"https://support.apple.com/HT205732","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT205732"},{"reference_url":"https://support.apple.com/HT206168","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206168"},{"reference_url":"http://www.debian.org/security/2016/dsa-3605","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3605"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/10/27/10","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/10/27/10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/10/28/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/10/28/4"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"},{"reference_url":"http://www.securityfocus.com/bid/77325","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/77325"},{"reference_url":"http://www.securitytracker.com/id/1034736","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034736"},{"reference_url":"http://www.securitytracker.com/id/1038623","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038623"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.386546","reference_id":"","reference_type":"","scores":[],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.386546"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1257962","reference_id":"1257962","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1257962"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802971","reference_id":"802971","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802971"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7995","reference_id":"CVE-2015-7995","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7995"},{"reference_url":"https://usn.ubuntu.com/3271-1/","reference_id":"USN-3271-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3271-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035896?format=json","purl":"pkg:deb/debian/libxslt@1.1.28-2%2Bdeb8u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-28f2-6usv-zuc1"},{"vulnerability":"VCID-3f2w-tgya-x3cc"},{"vulnerability":"VCID-5nuu-a7bc-jke4"},{"vulnerability":"VCID-5uqv-dm9p-c7c6"},{"vulnerability":"VCID-6ss1-s8fx-vqd7"},{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-bg26-kj9r-7bea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-krjm-wk6b-akgk"},{"vulnerability":"VCID-m4cf-2dcq-uyaj"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-yx1j-ja6q-1qaf"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.28-2%252Bdeb8u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1049500?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2"}],"aliases":["CVE-2015-7995"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-krjm-wk6b-akgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85448?format=json","vulnerability_id":"VCID-m4cf-2dcq-uyaj","summary":"libxslt: Use after free in xsltDocumentFunctionLoadDocument","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1841.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1841","reference_id":"","reference_type":"","scores":[{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82098","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82353","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82297","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82313","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.8211","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82131","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82127","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82153","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82161","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82179","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82171","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82165","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82203","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82205","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82227","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82238","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.8224","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82256","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82277","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.823","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1841"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/"},{"reference_url":"https://support.apple.com/HT206564","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206564"},{"reference_url":"https://support.apple.com/HT206566","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206566"},{"reference_url":"https://support.apple.com/HT206567","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206567"},{"reference_url":"https://support.apple.com/HT206568","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206568"},{"reference_url":"http://www.securityfocus.com/bid/90691","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/90691"},{"reference_url":"http://www.securitytracker.com/id/1035890","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035890"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393780","reference_id":"1393780","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393780"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1841","reference_id":"CVE-2016-1841","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1841"},{"reference_url":"https://usn.ubuntu.com/3271-1/","reference_id":"USN-3271-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3271-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049500?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2"}],"aliases":["CVE-2016-1841"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m4cf-2dcq-uyaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10993?format=json","vulnerability_id":"VCID-nxyn-eknv-tqbf","summary":"Use After Free\nUse after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30560","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24522","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24325","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2424","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24451","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24479","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24436","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24493","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24597","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24634","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24409","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24478","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24537","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24223","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24281","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24218","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24137","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24252","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24291","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24306","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24421","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24446","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30560"},{"reference_url":"https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html"},{"reference_url":"https://crbug.com/1219209","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://crbug.com/1219209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-30560.yml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-30560.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html"},{"reference_url":"https://www.debian.org/security/2022/dsa-5216","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5216"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079","reference_id":"990079","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079"},{"reference_url":"https://security.archlinux.org/ASA-202107-30","reference_id":"ASA-202107-30","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-30"},{"reference_url":"https://security.archlinux.org/ASA-202107-31","reference_id":"ASA-202107-31","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-31"},{"reference_url":"https://security.archlinux.org/AVG-2166","reference_id":"AVG-2166","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2166"},{"reference_url":"https://security.archlinux.org/AVG-2167","reference_id":"AVG-2167","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2167"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30560","reference_id":"CVE-2021-30560","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30560"},{"reference_url":"https://github.com/advisories/GHSA-59gp-qqm7-cw4j","reference_id":"GHSA-59gp-qqm7-cw4j","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-59gp-qqm7-cw4j"},{"reference_url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2","reference_id":"GHSA-fq42-c5rg-92c2","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2"},{"reference_url":"https://security.gentoo.org/glsa/202107-49","reference_id":"GLSA-202107-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-49"},{"reference_url":"https://security.gentoo.org/glsa/202310-23","reference_id":"GLSA-202310-23","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202310-23"},{"reference_url":"https://usn.ubuntu.com/5575-1/","reference_id":"USN-5575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5575-1/"},{"reference_url":"https://usn.ubuntu.com/5575-2/","reference_id":"USN-5575-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5575-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995127?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1"}],"aliases":["CVE-2021-30560","GHSA-59gp-qqm7-cw4j"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nxyn-eknv-tqbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55120?format=json","vulnerability_id":"VCID-sxp3-vtcq-pugw","summary":"Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability\nIn xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.\n\nNokogiri prior to version 1.10.5 contains a vulnerable version of libxslt. Nokogiri version 1.10.5 upgrades the dependency to libxslt 1.1.34, which contains a patch for this issue.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0514","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0514"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18197.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18197.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18197","reference_id":"","reference_type":"","scores":[{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89183","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89184","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89171","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89173","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89177","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89118","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89161","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89143","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89141","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89167","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89267","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89248","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89238","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89241","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.8923","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89214","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89206","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89202","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89196","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89179","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89126","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18197"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15746","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15746"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15768","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15768"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15914","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15914"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18197"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-18197.yml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-18197.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/blob/01ab95f3e37429ed8d3b380a8d2f73902eb325d9/CHANGELOG.md?plain=1#L934","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/blob/01ab95f3e37429ed8d3b380a8d2f73902eb325d9/CHANGELOG.md?plain=1#L934"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1943","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1943"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00037.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00037.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18197","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18197"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191031-0004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20191031-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191031-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20191031-0004/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200416-0004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20200416-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200416-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200416-0004/"},{"reference_url":"https://usn.ubuntu.com/4164-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4164-1"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/11/17/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/11/17/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770768","reference_id":"1770768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770768"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942646","reference_id":"942646","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942646"},{"reference_url":"https://security.archlinux.org/ASA-202002-3","reference_id":"ASA-202002-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202002-3"},{"reference_url":"https://security.archlinux.org/AVG-1092","reference_id":"AVG-1092","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1092"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxslt:1.1.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-242x-7cm6-4w8j","reference_id":"GHSA-242x-7cm6-4w8j","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-242x-7cm6-4w8j"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4005","reference_id":"RHSA-2020:4005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4464","reference_id":"RHSA-2020:4464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4464"},{"reference_url":"https://usn.ubuntu.com/4164-1/","reference_id":"USN-4164-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4164-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995127?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1"}],"aliases":["CVE-2019-18197","GHSA-242x-7cm6-4w8j"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sxp3-vtcq-pugw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10565?format=json","vulnerability_id":"VCID-tdt5-asvh-ryaa","summary":"Bypass of a protection mechanism in libxslt\nThe libxslt binary, which is included in nokogiri, allows bypass of a protection mechanism because callers of `xsltCheckRead` and `xsltCheckWrite` permit access even upon receiving a -1 error code. `xsltCheckRead` can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00048.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00052.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00052.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00053.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00053.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11068.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11068.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11068","reference_id":"","reference_type":"","scores":[{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78277","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78479","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78441","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78425","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78387","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78374","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78358","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78351","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78319","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78323","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78324","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78295","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.783","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78317","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78291","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78285","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78259","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78238","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78246","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78429","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01127","scoring_system":"epss","scoring_elements":"0.78413","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11068"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-11068.yml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-11068.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri/blob/f7aa3b0b29d6fe5fafe93dacd9b96b6b3d16b7ec/CHANGELOG.md?plain=1#L826","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/blob/f7aa3b0b29d6fe5fafe93dacd9b96b6b3d16b7ec/CHANGELOG.md?plain=1#L826"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/fe034aedcc59b566740567d621843731686676b9","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/commit/fe034aedcc59b566740567d621843731686676b9"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1892","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":""},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1892"},{"reference_url":"https://github.com/sparklemotion/nokogiri/pull/1898","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/pull/1898"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00016.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36TEYN37XCCKN2XUMRTBBW67BPNMSW4K/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GCOAX2IHUMKCM3ILHTMGLHCDSBTLP2JU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191017-0001","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20191017-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191017-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20191017-0001/"},{"reference_url":"https://usn.ubuntu.com/3947-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/3947-1"},{"reference_url":"https://usn.ubuntu.com/3947-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3947-1/"},{"reference_url":"https://usn.ubuntu.com/3947-2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/3947-2"},{"reference_url":"https://usn.ubuntu.com/3947-2/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3947-2/"},{"reference_url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/04/22/1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/04/22/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/04/23/5","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/04/23/5"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1709697","reference_id":"1709697","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1709697"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926895","reference_id":"926895","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926895"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","reference_id":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*","reference_id":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*","reference_id":"cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*:*:*:*:vmware_vcenter:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:oracle:*:*","reference_id":"cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:oracle:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:-:*:*:*:oracle:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*","reference_id":"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:8.0:update_221:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:8.0:update_221:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:8.0:update_221:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11068","reference_id":"CVE-2019-11068","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11068"},{"reference_url":"https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11068","reference_id":"CVE-2019-11068","reference_type":"","scores":[],"url":"https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11068"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2019-11068","reference_id":"CVE-2019-11068","reference_type":"","scores":[],"url":"https://security-tracker.debian.org/tracker/CVE-2019-11068"},{"reference_url":"https://github.com/advisories/GHSA-qxcg-xjjg-66mj","reference_id":"GHSA-qxcg-xjjg-66mj","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qxcg-xjjg-66mj"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4005","reference_id":"RHSA-2020:4005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4464","reference_id":"RHSA-2020:4464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4464"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1051222?format=json","purl":"pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1"}],"aliases":["CVE-2019-11068","GHSA-qxcg-xjjg-66mj"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tdt5-asvh-ryaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10825?format=json","vulnerability_id":"VCID-txm2-sdc1-7uch","summary":"Improper Input Validation\nIn `numbers.c` in libxslt, which is used by nokogiri, an `xsl:number` with certain format strings could lead to an uninitialized read in `xsltNumberFormatInsertNumbers`. This could allow an attacker to discern whether a byte on the stack contains the characters `[AaIi0]`, or any other character.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13117.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13117.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13117","reference_id":"","reference_type":"","scores":[{"value":"0.04376","scoring_system":"epss","scoring_elements":"0.89045","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04376","scoring_system":"epss","scoring_elements":"0.89036","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04376","scoring_system":"epss","scoring_elements":"0.89042","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04376","scoring_system":"epss","scoring_elements":"0.89031","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04376","scoring_system":"epss","scoring_elements":"0.89016","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04376","scoring_system":"epss","scoring_elements":"0.89009","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04376","scoring_system":"epss","scoring_elements":"0.89001","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04376","scoring_system":"epss","scoring_elements":"0.88984","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04376","scoring_system":"epss","scoring_elements":"0.88988","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04376","scoring_system":"epss","scoring_elements":"0.8899","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04376","scoring_system":"epss","scoring_elements":"0.89064","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04457","scoring_system":"epss","scoring_elements":"0.89027","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04457","scoring_system":"epss","scoring_elements":"0.89019","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04457","scoring_system":"epss","scoring_elements":"0.89043","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04457","scoring_system":"epss","scoring_elements":"0.89044","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04457","scoring_system":"epss","scoring_elements":"0.89062","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04457","scoring_system":"epss","scoring_elements":"0.89066","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04457","scoring_system":"epss","scoring_elements":"0.89078","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04457","scoring_system":"epss","scoring_elements":"0.89074","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04457","scoring_system":"epss","scoring_elements":"0.89072","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13117"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13117","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13117"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-13117.yml","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-13117.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1943","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1943"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/"},{"reference_url":"https://oss-fuzz.com/testcase-detail/5631739747106816","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://oss-fuzz.com/testcase-detail/5631739747106816"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190806-0004","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190806-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190806-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190806-0004/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200122-0003","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20200122-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200122-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200122-0003/"},{"reference_url":"https://usn.ubuntu.com/4164-1","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4164-1"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2020.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/11/17/2","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/11/17/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728546","reference_id":"1728546","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728546"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931321","reference_id":"931321","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931321"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-13117","reference_id":"CVE-2019-13117","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-13117"},{"reference_url":"https://github.com/advisories/GHSA-4hm9-844j-jmxp","reference_id":"GHSA-4hm9-844j-jmxp","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4hm9-844j-jmxp"},{"reference_url":"https://usn.ubuntu.com/4164-1/","reference_id":"USN-4164-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4164-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1051222?format=json","purl":"pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.32-2.2~deb10u1"}],"aliases":["CVE-2019-13117","GHSA-4hm9-844j-jmxp"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txm2-sdc1-7uch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78065?format=json","vulnerability_id":"VCID-wdxa-4bjj-7fe5","summary":"libxslt: Processing web content may disclose sensitive information","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40403.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40403.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-40403","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28996","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29186","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30676","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30416","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30597","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30708","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31935","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31339","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31336","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31244","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31267","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.3353","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33136","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33068","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33181","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33262","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33476","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33501","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33465","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33489","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-40403"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40403","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40403"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/10","reference_id":"10","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/10"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108074","reference_id":"1108074","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108074"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349766","reference_id":"2349766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349766"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/3","reference_id":"3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/3"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/4","reference_id":"4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/4"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/5","reference_id":"5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/5"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/6","reference_id":"6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/6"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/8","reference_id":"8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/8"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/9","reference_id":"9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/9"},{"reference_url":"https://support.apple.com/en-us/HT213927","reference_id":"HT213927","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213927"},{"reference_url":"https://support.apple.com/en-us/HT213931","reference_id":"HT213931","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213931"},{"reference_url":"https://support.apple.com/en-us/HT213932","reference_id":"HT213932","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213932"},{"reference_url":"https://support.apple.com/en-us/HT213936","reference_id":"HT213936","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213936"},{"reference_url":"https://support.apple.com/en-us/HT213937","reference_id":"HT213937","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213937"},{"reference_url":"https://support.apple.com/en-us/HT213938","reference_id":"HT213938","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213938"},{"reference_url":"https://support.apple.com/en-us/HT213940","reference_id":"HT213940","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213940"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8676","reference_id":"RHSA-2025:8676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8676"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9016","reference_id":"RHSA-2025:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10065","reference_id":"RHSA-2026:10065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16008","reference_id":"RHSA-2026:16008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16009","reference_id":"RHSA-2026:16009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16174","reference_id":"RHSA-2026:16174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6266","reference_id":"RHSA-2026:6266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6499","reference_id":"RHSA-2026:6499","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7335","reference_id":"RHSA-2026:7335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8746","reference_id":"RHSA-2026:8746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8747","reference_id":"RHSA-2026:8747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8748","reference_id":"RHSA-2026:8748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8748"},{"reference_url":"https://usn.ubuntu.com/7600-1/","reference_id":"USN-7600-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7600-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995128?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3"}],"aliases":["CVE-2023-40403"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wdxa-4bjj-7fe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41684?format=json","vulnerability_id":"VCID-yx1j-ja6q-1qaf","summary":"Multiple vulnerabilities were discovered in libxslt, the worst of\n    which may allow a remote attacker to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4738.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4738.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4738","reference_id":"","reference_type":"","scores":[{"value":"0.05928","scoring_system":"epss","scoring_elements":"0.90714","published_at":"2026-05-14T12:55:00Z"},{"value":"0.05928","scoring_system":"epss","scoring_elements":"0.90635","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05928","scoring_system":"epss","scoring_elements":"0.90651","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05928","scoring_system":"epss","scoring_elements":"0.90653","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05928","scoring_system":"epss","scoring_elements":"0.90649","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05928","scoring_system":"epss","scoring_elements":"0.90662","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05928","scoring_system":"epss","scoring_elements":"0.90681","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05928","scoring_system":"epss","scoring_elements":"0.90694","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05928","scoring_system":"epss","scoring_elements":"0.90692","published_at":"2026-05-11T12:55:00Z"},{"value":"0.05928","scoring_system":"epss","scoring_elements":"0.90702","published_at":"2026-05-12T12:55:00Z"},{"value":"0.06117","scoring_system":"epss","scoring_elements":"0.90816","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06117","scoring_system":"epss","scoring_elements":"0.90791","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06117","scoring_system":"epss","scoring_elements":"0.90799","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06117","scoring_system":"epss","scoring_elements":"0.90796","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06117","scoring_system":"epss","scoring_elements":"0.90814","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06117","scoring_system":"epss","scoring_elements":"0.90774","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06117","scoring_system":"epss","scoring_elements":"0.90785","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06274","scoring_system":"epss","scoring_elements":"0.90877","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06274","scoring_system":"epss","scoring_elements":"0.90882","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06274","scoring_system":"epss","scoring_elements":"0.90891","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4738"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4738","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4738"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388777","reference_id":"1388777","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1388777"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842570","reference_id":"842570","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842570"},{"reference_url":"https://security.gentoo.org/glsa/201804-01","reference_id":"GLSA-201804-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-01"},{"reference_url":"https://usn.ubuntu.com/3271-1/","reference_id":"USN-3271-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3271-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035896?format=json","purl":"pkg:deb/debian/libxslt@1.1.28-2%2Bdeb8u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-28f2-6usv-zuc1"},{"vulnerability":"VCID-3f2w-tgya-x3cc"},{"vulnerability":"VCID-5nuu-a7bc-jke4"},{"vulnerability":"VCID-5uqv-dm9p-c7c6"},{"vulnerability":"VCID-6ss1-s8fx-vqd7"},{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-bg26-kj9r-7bea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-krjm-wk6b-akgk"},{"vulnerability":"VCID-m4cf-2dcq-uyaj"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-yx1j-ja6q-1qaf"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.28-2%252Bdeb8u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1049500?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-2.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-96v6-vs1m-skf3"},{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-nxyn-eknv-tqbf"},{"vulnerability":"VCID-sxp3-vtcq-pugw"},{"vulnerability":"VCID-tdt5-asvh-ryaa"},{"vulnerability":"VCID-txm2-sdc1-7uch"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"},{"vulnerability":"VCID-zwzs-qztz-wbfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-2.1%252Bdeb9u2"}],"aliases":["CVE-2016-4738"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yx1j-ja6q-1qaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70782?format=json","vulnerability_id":"VCID-z7hh-qpzy-c7b2","summary":"libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-55549","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15368","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15455","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15498","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15569","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15886","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15954","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15824","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15811","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16014","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15992","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27905","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27867","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27895","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27812","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.2783","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28156","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28044","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27966","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27804","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28623","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-55549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565","reference_id":"1100565","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2352484","reference_id":"2352484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2352484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3613","reference_id":"RHSA-2025:3613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3614","reference_id":"RHSA-2025:3614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3615","reference_id":"RHSA-2025:3615","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3615"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3619","reference_id":"RHSA-2025:3619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3624","reference_id":"RHSA-2025:3624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3625","reference_id":"RHSA-2025:3625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3626","reference_id":"RHSA-2025:3626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3627","reference_id":"RHSA-2025:3627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4025","reference_id":"RHSA-2025:4025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4098","reference_id":"RHSA-2025:4098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4422","reference_id":"RHSA-2025:4422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4427","reference_id":"RHSA-2025:4427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4431","reference_id":"RHSA-2025:4431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4677","reference_id":"RHSA-2025:4677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4731","reference_id":"RHSA-2025:4731","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7410","reference_id":"RHSA-2025:7410","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7496","reference_id":"RHSA-2025:7496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7702","reference_id":"RHSA-2025:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8303","reference_id":"RHSA-2025:8303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8303"},{"reference_url":"https://usn.ubuntu.com/7357-1/","reference_id":"USN-7357-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7357-1/"},{"reference_url":"https://usn.ubuntu.com/7787-1/","reference_id":"USN-7787-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7787-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995128?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3"}],"aliases":["CVE-2024-55549"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z7hh-qpzy-c7b2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42308?format=json","vulnerability_id":"VCID-zwzs-qztz-wbfj","summary":"Multiple vulnerabilities have been found in Chromium and Google\n    Chrome, the worst of which could allow remote attackers to execute\n    arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5815.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5815.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5815","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29159","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29643","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29646","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29601","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29549","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29568","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29542","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29497","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29384","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29269","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29204","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29059","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29119","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29134","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29057","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29078","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29606","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29673","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29723","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29543","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5815"},{"reference_url":"https://bugs.chromium.org/p/chromium/issues/detail?id=930663","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.chromium.org/p/chromium/issues/detail?id=930663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6504"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-5815.yml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-5815.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/2630","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/2630"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/commit/08b62c25871b38d5d573515ca8a065b4b8f64f6b","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitlab.gnome.org/GNOME/libxslt/commit/08b62c25871b38d5d573515ca8a065b4b8f64f6b"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5815","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5815"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702905","reference_id":"1702905","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702905"},{"reference_url":"https://security.archlinux.org/ASA-201904-12","reference_id":"ASA-201904-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-12"},{"reference_url":"https://security.archlinux.org/AVG-952","reference_id":"AVG-952","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-952"},{"reference_url":"https://github.com/advisories/GHSA-vmfx-gcfq-wvm2","reference_id":"GHSA-vmfx-gcfq-wvm2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vmfx-gcfq-wvm2"},{"reference_url":"https://security.gentoo.org/glsa/201908-18","reference_id":"GLSA-201908-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201908-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1021","reference_id":"RHSA-2019:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1021"},{"reference_url":"https://usn.ubuntu.com/5575-1/","reference_id":"USN-5575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5575-1/"},{"reference_url":"https://usn.ubuntu.com/5575-2/","reference_id":"USN-5575-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5575-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995127?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1"}],"aliases":["CVE-2019-5815","GHSA-vmfx-gcfq-wvm2"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zwzs-qztz-wbfj"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.28-2"}