{"url":"http://public2.vulnerablecode.io/api/packages/107956?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1.3?distro=trixie","type":"deb","namespace":"debian","name":"xerces-c","version":"3.2.4+debian-1.3","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4703?format=json","vulnerability_id":"VCID-5nau-sm5b-quhd","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1311","reference_id":"","reference_type":"","scores":[{"value":"0.04171","scoring_system":"epss","scoring_elements":"0.8894","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1311"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947431","reference_id":"947431","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947431"},{"reference_url":"https://security.archlinux.org/AVG-1354","reference_id":"AVG-1354","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1354"},{"reference_url":"https://usn.ubuntu.com/6579-1/","reference_id":"USN-6579-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6579-1/"},{"reference_url":"https://usn.ubuntu.com/6579-2/","reference_id":"USN-6579-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6579-2/"},{"reference_url":"https://usn.ubuntu.com/6590-1/","reference_id":"USN-6590-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6590-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/107962?format=json","purl":"pkg:deb/debian/xerces-c@3.2.3%2Bdebian-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.3%252Bdebian-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107955?format=json","purl":"pkg:deb/debian/xerces-c@3.2.3%2Bdebian-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.3%252Bdebian-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107953?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107956?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1.3%3Fdistro=trixie"}],"aliases":["CVE-2018-1311"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5nau-sm5b-quhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15641?format=json","vulnerability_id":"VCID-6m2u-7rct-gkca","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-37536","reference_id":"","reference_type":"","scores":[{"value":"0.02007","scoring_system":"epss","scoring_elements":"0.84065","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-37536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37536"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A6WWL4SWKAVYK6VK5YN7KZP4MZWC7IY/","reference_id":"7A6WWL4SWKAVYK6VK5YN7KZP4MZWC7IY","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A6WWL4SWKAVYK6VK5YN7KZP4MZWC7IY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AJYZUBGPVWJ7LEHRCMB5XVADQBNGURXD/","reference_id":"AJYZUBGPVWJ7LEHRCMB5XVADQBNGURXD","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AJYZUBGPVWJ7LEHRCMB5XVADQBNGURXD/"},{"reference_url":"https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0107791","reference_id":"csm?id=kb_article&sysparm_article=KB0107791","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:41Z/"}],"url":"https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0107791"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAOSSJ72CUJ535VRWTCVQKUYT2LYR3OM/","reference_id":"DAOSSJ72CUJ535VRWTCVQKUYT2LYR3OM","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAOSSJ72CUJ535VRWTCVQKUYT2LYR3OM/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00027.html","reference_id":"msg00027.html","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T03:55:41Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00027.html"},{"reference_url":"https://usn.ubuntu.com/6590-1/","reference_id":"USN-6590-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6590-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/107955?format=json","purl":"pkg:deb/debian/xerces-c@3.2.3%2Bdebian-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.3%252Bdebian-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107953?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107956?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1.3%3Fdistro=trixie"}],"aliases":["CVE-2023-37536"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6m2u-7rct-gkca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/120750?format=json","vulnerability_id":"VCID-7p28-a88b-sfa8","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0729","reference_id":"","reference_type":"","scores":[{"value":"0.23016","scoring_system":"epss","scoring_elements":"0.96037","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0729"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815907","reference_id":"815907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815907"},{"reference_url":"https://security.gentoo.org/glsa/201612-46","reference_id":"GLSA-201612-46","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-46"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/107958?format=json","purl":"pkg:deb/debian/xerces-c@3.1.3%2Bdebian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.1.3%252Bdebian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107955?format=json","purl":"pkg:deb/debian/xerces-c@3.2.3%2Bdebian-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.3%252Bdebian-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107953?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107956?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1.3%3Fdistro=trixie"}],"aliases":["CVE-2016-0729"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7p28-a88b-sfa8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181993?format=json","vulnerability_id":"VCID-b4b1-xf6f-tfcf","summary":"Multiple vulnerabilities have been found in Xerces-C++, the worst\n    of which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2099","reference_id":"","reference_type":"","scores":[{"value":"0.02173","scoring_system":"epss","scoring_elements":"0.84694","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2099"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2099","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2099"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823863","reference_id":"823863","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823863"},{"reference_url":"https://security.gentoo.org/glsa/201612-46","reference_id":"GLSA-201612-46","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-46"},{"reference_url":"https://usn.ubuntu.com/USN-4784-1/","reference_id":"USN-USN-4784-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4784-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/107959?format=json","purl":"pkg:deb/debian/xerces-c@3.1.3%2Bdebian-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.1.3%252Bdebian-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107955?format=json","purl":"pkg:deb/debian/xerces-c@3.2.3%2Bdebian-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.3%252Bdebian-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107953?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107956?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1.3%3Fdistro=trixie"}],"aliases":["CVE-2016-2099"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b4b1-xf6f-tfcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1397?format=json","vulnerability_id":"VCID-cgk4-busr-wkge","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4463","reference_id":"","reference_type":"","scores":[{"value":"0.38346","scoring_system":"epss","scoring_elements":"0.97333","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4463"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828990","reference_id":"828990","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828990"},{"reference_url":"https://usn.ubuntu.com/USN-4784-1/","reference_id":"USN-USN-4784-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4784-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/107960?format=json","purl":"pkg:deb/debian/xerces-c@3.1.3%2Bdebian-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.1.3%252Bdebian-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107955?format=json","purl":"pkg:deb/debian/xerces-c@3.2.3%2Bdebian-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.3%252Bdebian-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107953?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107956?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1.3%3Fdistro=trixie"}],"aliases":["CVE-2016-4463"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cgk4-busr-wkge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201452?format=json","vulnerability_id":"VCID-sa8w-8wbn-cqct","summary":"Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in \"simply nested DTD structures,\" as demonstrated by the Codenomicon XML fuzzing framework.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1885","reference_id":"","reference_type":"","scores":[{"value":"0.14146","scoring_system":"epss","scoring_elements":"0.9453","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1885"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540297","reference_id":"540297","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540297"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/107954?format=json","purl":"pkg:deb/debian/xerces-c@3.0.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.0.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107955?format=json","purl":"pkg:deb/debian/xerces-c@3.2.3%2Bdebian-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.3%252Bdebian-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107953?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107956?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1.3%3Fdistro=trixie"}],"aliases":["CVE-2009-1885"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sa8w-8wbn-cqct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/348?format=json","vulnerability_id":"VCID-w1s9-bft5-ckar","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0252","reference_id":"","reference_type":"","scores":[{"value":"0.25211","scoring_system":"epss","scoring_elements":"0.96315","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0252"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780827","reference_id":"780827","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780827"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/107957?format=json","purl":"pkg:deb/debian/xerces-c@3.1.1-5.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.1.1-5.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107955?format=json","purl":"pkg:deb/debian/xerces-c@3.2.3%2Bdebian-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.3%252Bdebian-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107953?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107956?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1.3%3Fdistro=trixie"}],"aliases":["CVE-2015-0252"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w1s9-bft5-ckar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2631?format=json","vulnerability_id":"VCID-wuxv-btka-jyes","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12627","reference_id":"","reference_type":"","scores":[{"value":"0.05316","scoring_system":"epss","scoring_elements":"0.90253","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12627"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894050","reference_id":"894050","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894050"},{"reference_url":"https://security.archlinux.org/ASA-201803-23","reference_id":"ASA-201803-23","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-23"},{"reference_url":"https://security.archlinux.org/AVG-644","reference_id":"AVG-644","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-644"},{"reference_url":"https://usn.ubuntu.com/USN-4784-1/","reference_id":"USN-USN-4784-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4784-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/107961?format=json","purl":"pkg:deb/debian/xerces-c@3.2.1%2Bdebian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.1%252Bdebian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107955?format=json","purl":"pkg:deb/debian/xerces-c@3.2.3%2Bdebian-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.3%252Bdebian-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107953?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/107956?format=json","purl":"pkg:deb/debian/xerces-c@3.2.4%2Bdebian-1.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1.3%3Fdistro=trixie"}],"aliases":["CVE-2017-12627"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wuxv-btka-jyes"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xerces-c@3.2.4%252Bdebian-1.3%3Fdistro=trixie"}