{"url":"http://public2.vulnerablecode.io/api/packages/381204?format=json","purl":"pkg:apk/alpine/xen@4.7.0-r0?arch=x86_64&distroversion=v3.7&reponame=main","type":"apk","namespace":"alpine","name":"xen","version":"4.7.0-r0","qualifiers":{"arch":"x86_64","distroversion":"v3.7","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4.7.0-r1","latest_non_vulnerable_version":"4.9.4-r1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4066?format=json","vulnerability_id":"VCID-4s6a-mart-pba2","summary":"virtio: unbounded memory allocation issue","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1585.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1585.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1586.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1586.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1606.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1606.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1607.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1607.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1652.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1652.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1653.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1653.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1654.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1654.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1655.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1655.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1756.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1756.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1763.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1763.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1943.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1943.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5403.json","reference_id":"","reference_type":"","scores":[{"value":"3.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5403.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5403","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21975","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21707","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21825","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21813","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.218","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22133","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22182","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21966","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22046","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22102","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.2212","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22079","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22018","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22016","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.2201","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21964","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5403"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5403","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5403"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.3","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:M/Au:S/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/92148","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92148"},{"reference_url":"http://www.securitytracker.com/id/1036476","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036476"},{"reference_url":"http://www.ubuntu.com/usn/USN-3047-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3047-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-3047-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3047-2"},{"reference_url":"http://xenbits.xen.org/xsa/advisory-184.html","reference_id":"","reference_type":"","scores":[],"url":"http://xenbits.xen.org/xsa/advisory-184.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1358359","reference_id":"1358359","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1358359"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832619","reference_id":"832619","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832619"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.7.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:qemu:qemu:2.7.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:2.7.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:x86:*","reference_id":"cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:x86:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:x86:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5403","reference_id":"CVE-2016-5403","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:C"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1585","reference_id":"RHSA-2016:1585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1586","reference_id":"RHSA-2016:1586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1606","reference_id":"RHSA-2016:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1607","reference_id":"RHSA-2016:1607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1652","reference_id":"RHSA-2016:1652","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1652"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1653","reference_id":"RHSA-2016:1653","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1653"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1654","reference_id":"RHSA-2016:1654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1655","reference_id":"RHSA-2016:1655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1756","reference_id":"RHSA-2016:1756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1763","reference_id":"RHSA-2016:1763","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1763"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1943","reference_id":"RHSA-2016:1943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1943"},{"reference_url":"https://usn.ubuntu.com/3047-1/","reference_id":"USN-3047-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3047-1/"},{"reference_url":"https://usn.ubuntu.com/3125-1/","reference_id":"USN-3125-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3125-1/"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-184.html","reference_id":"XSA-184","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-184.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/381204?format=json","purl":"pkg:apk/alpine/xen@4.7.0-r0?arch=x86_64&distroversion=v3.7&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.0-r0%3Farch=x86_64&distroversion=v3.7&reponame=main"}],"aliases":["CVE-2016-5403","XSA-184"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4s6a-mart-pba2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4065?format=json","vulnerability_id":"VCID-nyst-ybjq-3uet","summary":"x86: Missing SMAP whitelisting in 32-bit exception / event delivery","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6259.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6259.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6259","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.5004","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.49968","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50097","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.5005","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50075","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50103","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50052","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50107","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50101","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50118","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50092","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50088","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50133","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50105","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6259"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6259","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6259"},{"reference_url":"http://support.citrix.com/article/CTX214954","reference_id":"","reference_type":"","scores":[],"url":"http://support.citrix.com/article/CTX214954"},{"reference_url":"http://www.securityfocus.com/bid/92130","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92130"},{"reference_url":"http://www.securitytracker.com/id/1036447","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036447"},{"reference_url":"http://xenbits.xen.org/xsa/advisory-183.html","reference_id":"","reference_type":"","scores":[],"url":"http://xenbits.xen.org/xsa/advisory-183.html"},{"reference_url":"http://xenbits.xen.org/xsa/xsa183-4.6.patch","reference_id":"","reference_type":"","scores":[],"url":"http://xenbits.xen.org/xsa/xsa183-4.6.patch"},{"reference_url":"http://xenbits.xen.org/xsa/xsa183-unstable.patch","reference_id":"","reference_type":"","scores":[],"url":"http://xenbits.xen.org/xsa/xsa183-unstable.patch"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1355983","reference_id":"1355983","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1355983"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xenserver:6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.5.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xenserver:6.5.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.5.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.5.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.5.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.5.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6259","reference_id":"CVE-2016-6259","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:C"},{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6259"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-183.html","reference_id":"XSA-183","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-183.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/381204?format=json","purl":"pkg:apk/alpine/xen@4.7.0-r0?arch=x86_64&distroversion=v3.7&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.0-r0%3Farch=x86_64&distroversion=v3.7&reponame=main"}],"aliases":["CVE-2016-6259","XSA-183"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nyst-ybjq-3uet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4064?format=json","vulnerability_id":"VCID-q479-9fry-y7dh","summary":"x86: Privilege escalation in PV guests","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6258.json","reference_id":"","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6258.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6258","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29776","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.2924","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.2945","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29387","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29823","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29871","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29685","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29748","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29783","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29788","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29742","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29692","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.2971","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29688","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29644","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29563","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6258"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8338","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8338"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5242","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5242"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6258","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6258"},{"reference_url":"http://support.citrix.com/article/CTX214954","reference_id":"","reference_type":"","scores":[],"url":"http://support.citrix.com/article/CTX214954"},{"reference_url":"http://www.debian.org/security/2016/dsa-3633","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3633"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/92131","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92131"},{"reference_url":"http://www.securitytracker.com/id/1036446","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036446"},{"reference_url":"http://xenbits.xen.org/xsa/advisory-182.html","reference_id":"","reference_type":"","scores":[],"url":"http://xenbits.xen.org/xsa/advisory-182.html"},{"reference_url":"http://xenbits.xen.org/xsa/xsa182-4.5.patch","reference_id":"","reference_type":"","scores":[],"url":"http://xenbits.xen.org/xsa/xsa182-4.5.patch"},{"reference_url":"http://xenbits.xen.org/xsa/xsa182-4.6.patch","reference_id":"","reference_type":"","scores":[],"url":"http://xenbits.xen.org/xsa/xsa182-4.6.patch"},{"reference_url":"http://xenbits.xen.org/xsa/xsa182-unstable.patch","reference_id":"","reference_type":"","scores":[],"url":"http://xenbits.xen.org/xsa/xsa182-unstable.patch"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1355987","reference_id":"1355987","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1355987"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xenserver:6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.5.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xenserver:6.5.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.5.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:3.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:3.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:3.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:3.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6258","reference_id":"CVE-2016-6258","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-6258"},{"reference_url":"https://security.gentoo.org/glsa/201611-09","reference_id":"GLSA-201611-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-09"},{"reference_url":"https://xenbits.xen.org/xsa/advisory-182.html","reference_id":"XSA-182","reference_type":"","scores":[],"url":"https://xenbits.xen.org/xsa/advisory-182.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/381204?format=json","purl":"pkg:apk/alpine/xen@4.7.0-r0?arch=x86_64&distroversion=v3.7&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.0-r0%3Farch=x86_64&distroversion=v3.7&reponame=main"}],"aliases":["CVE-2016-6258","XSA-182"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q479-9fry-y7dh"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.0-r0%3Farch=x86_64&distroversion=v3.7&reponame=main"}