Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/libxml2@2.9.10-r4?arch=armv7&distroversion=v3.16&reponame=main

Type apk

Namespace alpine

Name libxml2

Version 2.9.10-r4

Qualifiers

arch	armv7
distroversion	v3.16
reponame	main

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.9.10-r5

Latest_non_vulnerable_version 2.9.14-r2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-81dv-y5sg-9kgq

vulnerability_id VCID-81dv-y5sg-9kgq

summary

Missing Release of Memory after Effective Lifetime
xmlSchemaPreRun in xmlschemas.c in libxml2 allows an xmlSchemaValidateStream memory leak.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20388.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20388.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-20388

reference_id

reference_type

scores

value	0.00614
scoring_system	epss
scoring_elements	0.70298
published_at	2026-06-05T12:55:00Z

value	0.00614
scoring_system	epss
scoring_elements	0.70307
published_at	2026-06-06T12:55:00Z

value	0.00614
scoring_system	epss
scoring_elements	0.70256
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-20388

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20388
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20388

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1799734
reference_id	1799734
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1799734

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/

reference_id

545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/

reference_id

5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/

reference_url

https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/

url

https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949583
reference_id	949583
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949583

reference_url	https://security.archlinux.org/ASA-202011-15
reference_id	ASA-202011-15
reference_type
scores
url	https://security.archlinux.org/ASA-202011-15

reference_url

https://security.archlinux.org/AVG-1263

reference_id

AVG-1263

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1263

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2019-20388
reference_id	CVE-2019-20388
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2019-20388

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/

reference_id

JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/

reference_url	https://access.redhat.com/errata/RHSA-2020:2644
reference_id	RHSA-2020:2644
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2644

reference_url	https://access.redhat.com/errata/RHSA-2020:2646
reference_id	RHSA-2020:2646
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2646

reference_url	https://access.redhat.com/errata/RHSA-2020:3996
reference_id	RHSA-2020:3996
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3996

reference_url	https://access.redhat.com/errata/RHSA-2020:4479
reference_id	RHSA-2020:4479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4479

reference_url	https://access.redhat.com/errata/RHSA-2021:0949
reference_id	RHSA-2021:0949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0949

reference_url	https://usn.ubuntu.com/4991-1/
reference_id	USN-4991-1
reference_type
scores
url	https://usn.ubuntu.com/4991-1/

fixed_packages

url	pkg:apk/alpine/libxml2@2.9.10-r4?arch=armv7&distroversion=v3.16&reponame=main
purl	pkg:apk/alpine/libxml2@2.9.10-r4?arch=armv7&distroversion=v3.16&reponame=main
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libxml2@2.9.10-r4%3Farch=armv7&distroversion=v3.16&reponame=main

aliases CVE-2019-20388

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81dv-y5sg-9kgq

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libxml2@2.9.10-r4%3Farch=armv7&distroversion=v3.16&reponame=main

Package Instance