{"url":"http://public2.vulnerablecode.io/api/packages/104701?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-1?distro=trixie","type":"deb","namespace":"debian","name":"libxslt","version":"1.1.29-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.1.29-2","latest_non_vulnerable_version":"1.1.43-0.3","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78034?format=json","vulnerability_id":"VCID-1gsj-a6gq-83ga","summary":"libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, and CVE-2016-4612.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4609.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4609.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4609","reference_id":"","reference_type":"","scores":[{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90466","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90481","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90482","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90478","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4609"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4609","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4609"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1714979","reference_id":"1714979","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1714979"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/104701?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104690?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104688?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104692?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104691?format=json","purl":"pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9q7z-rwe8-zydg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie"}],"aliases":["CVE-2016-4609"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1gsj-a6gq-83ga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78035?format=json","vulnerability_id":"VCID-5kc1-z3et-eud8","summary":"libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4610.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4610.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4610","reference_id":"","reference_type":"","scores":[{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90466","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90481","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90482","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0559","scoring_system":"epss","scoring_elements":"0.90478","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4610"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4610","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4610"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1716448","reference_id":"1716448","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1716448"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/104701?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104690?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104688?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104692?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104691?format=json","purl":"pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9q7z-rwe8-zydg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie"}],"aliases":["CVE-2016-4610"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5kc1-z3et-eud8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38133?format=json","vulnerability_id":"VCID-7q6s-p2vg-3ugp","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nnokogiri mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document.","references":[{"reference_url":"http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html","reference_id":"","reference_type":"","scores":[],"url":"http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1683.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1683.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1683","reference_id":"","reference_type":"","scores":[{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.77209","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.77241","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.7725","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00989","scoring_system":"epss","scoring_elements":"0.7724","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1683"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1340016","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1340016"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1683","reference_id":"CVE-2016-1683","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1683"},{"reference_url":"https://security.gentoo.org/glsa/201607-07","reference_id":"GLSA-201607-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1190","reference_id":"RHSA-2016:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1190"},{"reference_url":"https://usn.ubuntu.com/2992-1/","reference_id":"USN-2992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2992-1/"},{"reference_url":"https://usn.ubuntu.com/3271-1/","reference_id":"USN-3271-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3271-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/104701?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104690?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104688?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104692?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104691?format=json","purl":"pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9q7z-rwe8-zydg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie"}],"aliases":["CVE-2016-1683"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7q6s-p2vg-3ugp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78033?format=json","vulnerability_id":"VCID-gxb8-phyp-vban","summary":"libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4608.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4608.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4608","reference_id":"","reference_type":"","scores":[{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.88797","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.88814","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04106","scoring_system":"epss","scoring_elements":"0.88812","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4608"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1716454","reference_id":"1716454","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1716454"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/104701?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104690?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104688?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104692?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104691?format=json","purl":"pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9q7z-rwe8-zydg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie"}],"aliases":["CVE-2016-4608"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxb8-phyp-vban"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78031?format=json","vulnerability_id":"VCID-mgq5-9ve4-9kgb","summary":"numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1684.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1684.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1684","reference_id":"","reference_type":"","scores":[{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75478","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75507","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75511","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00866","scoring_system":"epss","scoring_elements":"0.75501","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1340017","reference_id":"1340017","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1340017"},{"reference_url":"https://security.gentoo.org/glsa/201607-07","reference_id":"GLSA-201607-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1190","reference_id":"RHSA-2016:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1190"},{"reference_url":"https://usn.ubuntu.com/2992-1/","reference_id":"USN-2992-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2992-1/"},{"reference_url":"https://usn.ubuntu.com/3271-1/","reference_id":"USN-3271-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3271-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/104701?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104690?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104688?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104692?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104691?format=json","purl":"pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9q7z-rwe8-zydg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie"}],"aliases":["CVE-2016-1684"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mgq5-9ve4-9kgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78032?format=json","vulnerability_id":"VCID-zffq-an1r-ckf3","summary":"libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1841.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1841","reference_id":"","reference_type":"","scores":[{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82507","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82535","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82534","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82532","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1841"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393780","reference_id":"1393780","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1393780"},{"reference_url":"https://usn.ubuntu.com/3271-1/","reference_id":"USN-3271-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3271-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/104701?format=json","purl":"pkg:deb/debian/libxslt@1.1.29-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104690?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104688?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104692?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6f4y-n9m4-vydg"},{"vulnerability":"VCID-e25f-65vw-ykc2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104691?format=json","purl":"pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9q7z-rwe8-zydg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie"}],"aliases":["CVE-2016-1841"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zffq-an1r-ckf3"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.29-1%3Fdistro=trixie"}