Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
Typeapk
Namespacealpine
Namexen
Version4.7.1-r1
Qualifiers
arch aarch64
distroversion v3.7
reponame main
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version4.7.1-r3
Latest_non_vulnerable_version4.9.4-r1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-bcuu-j4t3-nqav
vulnerability_id VCID-bcuu-j4t3-nqav
summary Xen 4.5.x through 4.7.x on AMD systems without the NRip feature, when emulating instructions that generate software interrupts, allows local HVM guest OS users to cause a denial of service (guest crash) by leveraging an incorrect choice for software interrupt delivery.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9378.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9378.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9378
reference_id
reference_type
scores
0
value 0.00061
scoring_system epss
scoring_elements 0.19149
published_at 2026-06-04T12:55:00Z
1
value 0.00061
scoring_system epss
scoring_elements 0.19221
published_at 2026-06-05T12:55:00Z
2
value 0.00061
scoring_system epss
scoring_elements 0.19103
published_at 2026-06-08T12:55:00Z
3
value 0.00061
scoring_system epss
scoring_elements 0.19218
published_at 2026-06-06T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19175
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9378
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9378
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:N/I:N/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1392937
reference_id 1392937
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1392937
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845669
reference_id 845669
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845669
6
reference_url https://security.gentoo.org/glsa/201612-56
reference_id GLSA-201612-56
reference_type
scores
url https://security.gentoo.org/glsa/201612-56
7
reference_url https://xenbits.xen.org/xsa/advisory-196.html
reference_id XSA-196
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-196.html
fixed_packages
0
url pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
purl pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.1-r1%3Farch=aarch64&distroversion=v3.7&reponame=main
aliases CVE-2016-9378, XSA-196
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bcuu-j4t3-nqav
1
url VCID-mbxc-pvmc-gug6
vulnerability_id VCID-mbxc-pvmc-gug6
summary Xen, when running on a 64-bit hypervisor, allows local x86 guest OS users to modify arbitrary memory and consequently obtain sensitive information, cause a denial of service (host crash), or execute arbitrary code on the host by leveraging broken emulation of bit test instructions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9383.json
reference_id
reference_type
scores
0
value 8.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9383.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9383
reference_id
reference_type
scores
0
value 0.00135
scoring_system epss
scoring_elements 0.33031
published_at 2026-06-04T12:55:00Z
1
value 0.00135
scoring_system epss
scoring_elements 0.33134
published_at 2026-06-05T12:55:00Z
2
value 0.00135
scoring_system epss
scoring_elements 0.33078
published_at 2026-06-08T12:55:00Z
3
value 0.00135
scoring_system epss
scoring_elements 0.33147
published_at 2026-06-06T12:55:00Z
4
value 0.00135
scoring_system epss
scoring_elements 0.33109
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9383
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9379
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9379
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9380
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9382
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9382
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9383
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9385
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9386
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:S/C:C/I:C/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1392935
reference_id 1392935
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1392935
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845668
reference_id 845668
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845668
12
reference_url https://security.gentoo.org/glsa/201612-56
reference_id GLSA-201612-56
reference_type
scores
url https://security.gentoo.org/glsa/201612-56
13
reference_url https://xenbits.xen.org/xsa/advisory-195.html
reference_id XSA-195
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-195.html
fixed_packages
0
url pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
purl pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.1-r1%3Farch=aarch64&distroversion=v3.7&reponame=main
aliases CVE-2016-9383, XSA-195
risk_score 3.9
exploitability 0.5
weighted_severity 7.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mbxc-pvmc-gug6
2
url VCID-rvfn-w1mj-ckc1
vulnerability_id VCID-rvfn-w1mj-ckc1
summary Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9384.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9384.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9384
reference_id
reference_type
scores
0
value 0.00078
scoring_system epss
scoring_elements 0.23184
published_at 2026-06-04T12:55:00Z
1
value 0.00078
scoring_system epss
scoring_elements 0.23266
published_at 2026-06-05T12:55:00Z
2
value 0.00078
scoring_system epss
scoring_elements 0.2315
published_at 2026-06-08T12:55:00Z
3
value 0.00078
scoring_system epss
scoring_elements 0.23251
published_at 2026-06-06T12:55:00Z
4
value 0.00078
scoring_system epss
scoring_elements 0.23205
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9384
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9384
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1392934
reference_id 1392934
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1392934
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845667
reference_id 845667
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845667
6
reference_url https://security.gentoo.org/glsa/201612-56
reference_id GLSA-201612-56
reference_type
scores
url https://security.gentoo.org/glsa/201612-56
7
reference_url https://xenbits.xen.org/xsa/advisory-194.html
reference_id XSA-194
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-194.html
fixed_packages
0
url pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
purl pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.1-r1%3Farch=aarch64&distroversion=v3.7&reponame=main
aliases CVE-2016-9384, XSA-194
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rvfn-w1mj-ckc1
3
url VCID-s8wp-dvz2-f7em
vulnerability_id VCID-s8wp-dvz2-f7em
summary Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9381.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9381.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9381
reference_id
reference_type
scores
0
value 0.00105
scoring_system epss
scoring_elements 0.2804
published_at 2026-06-04T12:55:00Z
1
value 0.00105
scoring_system epss
scoring_elements 0.27981
published_at 2026-06-08T12:55:00Z
2
value 0.00105
scoring_system epss
scoring_elements 0.28061
published_at 2026-06-06T12:55:00Z
3
value 0.00105
scoring_system epss
scoring_elements 0.28024
published_at 2026-06-07T12:55:00Z
4
value 0.00105
scoring_system epss
scoring_elements 0.2811
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9381
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9381
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9381
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:C/I:C/A:C
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1392938
reference_id 1392938
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1392938
5
reference_url https://security.gentoo.org/glsa/201612-56
reference_id GLSA-201612-56
reference_type
scores
url https://security.gentoo.org/glsa/201612-56
6
reference_url https://usn.ubuntu.com/3261-1/
reference_id USN-3261-1
reference_type
scores
url https://usn.ubuntu.com/3261-1/
7
reference_url https://xenbits.xen.org/xsa/advisory-197.html
reference_id XSA-197
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-197.html
fixed_packages
0
url pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
purl pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.1-r1%3Farch=aarch64&distroversion=v3.7&reponame=main
aliases CVE-2016-9381, XSA-197
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s8wp-dvz2-f7em
4
url VCID-uj4z-cbkx-ayf2
vulnerability_id VCID-uj4z-cbkx-ayf2
summary The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9386.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9386.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9386
reference_id
reference_type
scores
0
value 0.001
scoring_system epss
scoring_elements 0.27261
published_at 2026-06-04T12:55:00Z
1
value 0.001
scoring_system epss
scoring_elements 0.2733
published_at 2026-06-05T12:55:00Z
2
value 0.001
scoring_system epss
scoring_elements 0.27191
published_at 2026-06-08T12:55:00Z
3
value 0.001
scoring_system epss
scoring_elements 0.27279
published_at 2026-06-06T12:55:00Z
4
value 0.001
scoring_system epss
scoring_elements 0.27239
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9386
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9379
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9379
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9380
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9382
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9382
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9383
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9385
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9386
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:S/C:C/I:C/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1392932
reference_id 1392932
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1392932
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845663
reference_id 845663
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845663
12
reference_url https://security.gentoo.org/glsa/201612-56
reference_id GLSA-201612-56
reference_type
scores
url https://security.gentoo.org/glsa/201612-56
13
reference_url https://xenbits.xen.org/xsa/advisory-191.html
reference_id XSA-191
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-191.html
fixed_packages
0
url pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
purl pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.1-r1%3Farch=aarch64&distroversion=v3.7&reponame=main
aliases CVE-2016-9386, XSA-191
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uj4z-cbkx-ayf2
5
url VCID-xw3e-9auh-2few
vulnerability_id VCID-xw3e-9auh-2few
summary The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9385.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9385.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9385
reference_id
reference_type
scores
0
value 0.00104
scoring_system epss
scoring_elements 0.27973
published_at 2026-06-04T12:55:00Z
1
value 0.00104
scoring_system epss
scoring_elements 0.28042
published_at 2026-06-05T12:55:00Z
2
value 0.00104
scoring_system epss
scoring_elements 0.27911
published_at 2026-06-08T12:55:00Z
3
value 0.00104
scoring_system epss
scoring_elements 0.27992
published_at 2026-06-06T12:55:00Z
4
value 0.00104
scoring_system epss
scoring_elements 0.27955
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9385
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9379
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9379
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9380
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9382
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9382
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9383
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9385
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9386
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:S/C:N/I:N/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1392929
reference_id 1392929
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1392929
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845665
reference_id 845665
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845665
12
reference_url https://security.gentoo.org/glsa/201612-56
reference_id GLSA-201612-56
reference_type
scores
url https://security.gentoo.org/glsa/201612-56
13
reference_url https://xenbits.xen.org/xsa/advisory-193.html
reference_id XSA-193
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-193.html
fixed_packages
0
url pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
purl pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.1-r1%3Farch=aarch64&distroversion=v3.7&reponame=main
aliases CVE-2016-9385, XSA-193
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xw3e-9auh-2few
6
url VCID-ya6f-mpvn-13ch
vulnerability_id VCID-ya6f-mpvn-13ch
summary Xen 4.0.x through 4.7.x mishandle x86 task switches to VM86 mode, which allows local 32-bit x86 HVM guest OS users to gain privileges or cause a denial of service (guest OS crash) by leveraging a guest operating system that uses hardware task switching and allows a new task to start in VM86 mode.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9382.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9382.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9382
reference_id
reference_type
scores
0
value 0.00124
scoring_system epss
scoring_elements 0.31088
published_at 2026-06-04T12:55:00Z
1
value 0.00124
scoring_system epss
scoring_elements 0.31155
published_at 2026-06-05T12:55:00Z
2
value 0.00124
scoring_system epss
scoring_elements 0.31053
published_at 2026-06-08T12:55:00Z
3
value 0.00124
scoring_system epss
scoring_elements 0.31122
published_at 2026-06-06T12:55:00Z
4
value 0.00124
scoring_system epss
scoring_elements 0.31085
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9382
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9379
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9379
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9380
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9382
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9382
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9383
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9385
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9386
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:S/C:C/I:C/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1392933
reference_id 1392933
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1392933
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845664
reference_id 845664
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845664
12
reference_url https://security.gentoo.org/glsa/201612-56
reference_id GLSA-201612-56
reference_type
scores
url https://security.gentoo.org/glsa/201612-56
13
reference_url https://xenbits.xen.org/xsa/advisory-192.html
reference_id XSA-192
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-192.html
fixed_packages
0
url pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
purl pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.1-r1%3Farch=aarch64&distroversion=v3.7&reponame=main
aliases CVE-2016-9382, XSA-192
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ya6f-mpvn-13ch
7
url VCID-zveh-au3c-qffd
vulnerability_id VCID-zveh-au3c-qffd
summary The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via NUL bytes in the bootloader configuration file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9380.json
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9380.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9380
reference_id
reference_type
scores
0
value 0.00093
scoring_system epss
scoring_elements 0.25965
published_at 2026-06-04T12:55:00Z
1
value 0.00093
scoring_system epss
scoring_elements 0.26068
published_at 2026-06-05T12:55:00Z
2
value 0.00093
scoring_system epss
scoring_elements 0.25959
published_at 2026-06-08T12:55:00Z
3
value 0.00093
scoring_system epss
scoring_elements 0.26062
published_at 2026-06-06T12:55:00Z
4
value 0.00093
scoring_system epss
scoring_elements 0.26016
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9380
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7777
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9379
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9379
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9380
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9382
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9382
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9383
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9385
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9386
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:S/C:C/I:C/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1392939
reference_id 1392939
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1392939
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845670
reference_id 845670
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845670
12
reference_url https://security.gentoo.org/glsa/201612-56
reference_id GLSA-201612-56
reference_type
scores
url https://security.gentoo.org/glsa/201612-56
13
reference_url https://xenbits.xen.org/xsa/advisory-198.html
reference_id XSA-198
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-198.html
fixed_packages
0
url pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
purl pkg:apk/alpine/xen@4.7.1-r1?arch=aarch64&distroversion=v3.7&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.1-r1%3Farch=aarch64&distroversion=v3.7&reponame=main
aliases CVE-2016-9380, XSA-198
risk_score 3.6
exploitability 0.5
weighted_severity 7.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zveh-au3c-qffd
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/xen@4.7.1-r1%3Farch=aarch64&distroversion=v3.7&reponame=main