{"url":"http://public2.vulnerablecode.io/api/packages/4593?format=json","purl":"pkg:deb/debian/libxml2@2.6.27.dfsg-1","type":"deb","namespace":"debian","name":"libxml2","version":"2.6.27.dfsg-1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.15.3+dfsg-1","latest_non_vulnerable_version":"2.15.3+dfsg-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37945?format=json","vulnerability_id":"VCID-1esy-azbk-rkgn","summary":"Uncontrolled Resource Consumption\nThe xz_decomp function in xzlib.c in libxml2 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8035.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8035.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8035","reference_id":"","reference_type":"","scores":[{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.774","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.77428","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.77437","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.77418","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.77439","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1277146","reference_id":"1277146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1277146"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803942","reference_id":"803942","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803942"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8035","reference_id":"CVE-2015-8035","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1190","reference_id":"RHSA-2020:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1190"},{"reference_url":"https://usn.ubuntu.com/2812-1/","reference_id":"USN-2812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2812-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-8035"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1esy-azbk-rkgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37946?format=json","vulnerability_id":"VCID-1f8c-m3q3-yyea","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nlibxml2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7941.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7941.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7941","reference_id":"","reference_type":"","scores":[{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63233","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63227","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63225","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63181","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63223","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63209","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1274222","reference_id":"1274222","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1274222"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783010","reference_id":"783010","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783010"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7941","reference_id":"CVE-2015-7941","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2812-1/","reference_id":"USN-2812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2812-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-7941"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1f8c-m3q3-yyea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38139?format=json","vulnerability_id":"VCID-1nax-e3jj-ryef","summary":"Use of Externally-Controlled Format String\nFormat string vulnerability in libxml2 allows attackers to have unspecified impact via format string specifiers in unknown vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4448.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4448.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4448","reference_id":"","reference_type":"","scores":[{"value":"0.01546","scoring_system":"epss","scoring_elements":"0.81723","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01546","scoring_system":"epss","scoring_elements":"0.81753","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01546","scoring_system":"epss","scoring_elements":"0.81754","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01546","scoring_system":"epss","scoring_elements":"0.81747","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01546","scoring_system":"epss","scoring_elements":"0.81762","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4448"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338700","reference_id":"1338700","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338700"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829718","reference_id":"829718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829718"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4448","reference_id":"CVE-2016-4448","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/3235-1/","reference_id":"USN-3235-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3235-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-4448"],"risk_score":1.7,"exploitability":"0.5","weighted_severity":"3.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1nax-e3jj-ryef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53460?format=json","vulnerability_id":"VCID-1sh8-bsk3-auct","summary":"libxml2 has a global Buffer Overflow vulnerability in `xmlEncodeEntitiesInternal` at `libxml2/entities.c`.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00036.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00036.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00061.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00061.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24977.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24977.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24977","reference_id":"","reference_type":"","scores":[{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.72316","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.72355","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.72345","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.7233","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.72358","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00697","scoring_system":"epss","scoring_elements":"0.72364","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24977"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/178","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/178"},{"reference_url":"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NQ5GTDYOVH26PBCPYXXMGW5ZZXWMGZC/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NQ5GTDYOVH26PBCPYXXMGW5ZZXWMGZC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KTUAGDLEHTH6HU66HBFAFTSQ3OKRAN3/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KTUAGDLEHTH6HU66HBFAFTSQ3OKRAN3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/674LQPJO2P2XTBTREFR5LOZMBTZ4PZAY/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/674LQPJO2P2XTBTREFR5LOZMBTZ4PZAY/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KQXOHIE3MNY3VQXEN7LDQUJNIHOVHAW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KQXOHIE3MNY3VQXEN7LDQUJNIHOVHAW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ENEHQIBMSI6TZVS35Y6I4FCTYUQDLJVP/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ENEHQIBMSI6TZVS35Y6I4FCTYUQDLJVP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H3IQ7OQXBKWD3YP7HO6KCNOMLE5ZO2IR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H3IQ7OQXBKWD3YP7HO6KCNOMLE5ZO2IR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3ICASXZI2UQYFJAOQWHSTNWGED3VXOE/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3ICASXZI2UQYFJAOQWHSTNWGED3VXOE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCHXIWR5DHYO3RSO7RAHEC6VJKXD2EH2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCHXIWR5DHYO3RSO7RAHEC6VJKXD2EH2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7MEWYKIKMV2SKMGH4IDWVU3ZGJXBCPQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7MEWYKIKMV2SKMGH4IDWVU3ZGJXBCPQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RIQAMBA2IJUTQG5VOP5LZVIZRNCKXHEQ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RIQAMBA2IJUTQG5VOP5LZVIZRNCKXHEQ/"},{"reference_url":"https://security.gentoo.org/glsa/202107-05","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-05"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200924-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200924-0001/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1877788","reference_id":"1877788","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1877788"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969529","reference_id":"969529","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969529"},{"reference_url":"https://security.archlinux.org/ASA-202011-15","reference_id":"ASA-202011-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-15"},{"reference_url":"https://security.archlinux.org/AVG-1263","reference_id":"AVG-1263","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1263"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24977","reference_id":"CVE-2020-24977","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-24977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1597","reference_id":"RHSA-2021:1597","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1597"},{"reference_url":"https://usn.ubuntu.com/4991-1/","reference_id":"USN-4991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2020-24977"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1sh8-bsk3-auct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38621?format=json","vulnerability_id":"VCID-1vsu-txd5-qbf3","summary":"Out-of-bounds Read\nlibxml2 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9049.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9049.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9049","reference_id":"","reference_type":"","scores":[{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64318","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64369","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64363","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64371","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.6436","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64349","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452556","reference_id":"1452556","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452556"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863019","reference_id":"863019","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863019"},{"reference_url":"http://www.securityfocus.com/bid/98601","reference_id":"98601","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:20:28Z/"}],"url":"http://www.securityfocus.com/bid/98601"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9049","reference_id":"CVE-2017-9049","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9049"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:20:28Z/"}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:20:28Z/"}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://usn.ubuntu.com/3424-1/","reference_id":"USN-3424-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-1/"},{"reference_url":"https://usn.ubuntu.com/3424-2/","reference_id":"USN-3424-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"}],"aliases":["CVE-2017-9049"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1vsu-txd5-qbf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39424?format=json","vulnerability_id":"VCID-1zr7-kx71-tkcr","summary":"Improper Restriction of XML External Entity Reference\nA flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7375.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7375.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7375","reference_id":"","reference_type":"","scores":[{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63675","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63626","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63668","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63676","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00443","scoring_system":"epss","scoring_elements":"0.63656","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1038623","reference_id":"1038623","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/"}],"url":"http://www.securitytracker.com/id/1038623"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1462203","reference_id":"1462203","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1462203"},{"reference_url":"https://source.android.com/security/bulletin/2017-06-01","reference_id":"2017-06-01","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/"}],"url":"https://source.android.com/security/bulletin/2017-06-01"},{"reference_url":"https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa","reference_id":"308396a55280f69ad4112d4f9892f4cbeff042aa","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/"}],"url":"https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870867","reference_id":"870867","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870867"},{"reference_url":"http://www.securityfocus.com/bid/98877","reference_id":"98877","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/"}],"url":"http://www.securityfocus.com/bid/98877"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7375","reference_id":"CVE-2017-7375","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7375"},{"reference_url":"https://www.debian.org/security/2017/dsa-3952","reference_id":"dsa-3952","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/"}],"url":"https://www.debian.org/security/2017/dsa-3952"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e","reference_id":"?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-12-03T21:49:15Z/"}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e"},{"reference_url":"https://usn.ubuntu.com/3424-1/","reference_id":"USN-3424-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-1/"},{"reference_url":"https://usn.ubuntu.com/3424-2/","reference_id":"USN-3424-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"}],"aliases":["CVE-2017-7375"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1zr7-kx71-tkcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77988?format=json","vulnerability_id":"VCID-2rbs-7dzf-wffv","summary":"Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3102.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3102.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3102","reference_id":"","reference_type":"","scores":[{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83914","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83937","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.8394","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83935","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83925","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01986","scoring_system":"epss","scoring_elements":"0.83939","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3102"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3102"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674191","reference_id":"674191","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674191"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=822109","reference_id":"822109","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=822109"},{"reference_url":"https://security.gentoo.org/glsa/201207-02","reference_id":"GLSA-201207-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201207-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1288","reference_id":"RHSA-2012:1288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0217","reference_id":"RHSA-2013:0217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0217"},{"reference_url":"https://usn.ubuntu.com/1447-1/","reference_id":"USN-1447-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1447-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["CVE-2011-3102"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2rbs-7dzf-wffv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38115?format=json","vulnerability_id":"VCID-2wkc-xqzc-e3g2","summary":"Use After Free\nMultiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allow remote attackers to cause a denial of service via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1837.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1837.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1837","reference_id":"","reference_type":"","scores":[{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67208","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67249","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67257","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67241","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67224","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67239","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338696","reference_id":"1338696","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338696"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1837","reference_id":"CVE-2016-1837","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-1837"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2wkc-xqzc-e3g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38118?format=json","vulnerability_id":"VCID-3ean-ys5t-bydz","summary":"Out-of-bounds Read\nThe htmlCurrentChar function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1833.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1833.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1833","reference_id":"","reference_type":"","scores":[{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61004","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61053","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61061","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61049","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61032","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.6105","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338682","reference_id":"1338682","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338682"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1833","reference_id":"CVE-2016-1833","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-1833"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ean-ys5t-bydz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38114?format=json","vulnerability_id":"VCID-3s6k-9cgk-dfd6","summary":"Use After Free\nUse-after-free vulnerability in the xmlDictComputeFastKey function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1836.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1836.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1836","reference_id":"","reference_type":"","scores":[{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.80109","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.80135","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.80139","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.80127","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.80147","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338702","reference_id":"1338702","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338702"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1836","reference_id":"CVE-2016-1836","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-1836"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3s6k-9cgk-dfd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37549?format=json","vulnerability_id":"VCID-43m9-cg6h-nuet","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nparser.c in libxml2, as used in Google Chrome and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2877.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2877.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2877","reference_id":"","reference_type":"","scores":[{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70629","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70671","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70679","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70662","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.7065","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70672","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-2877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2869","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2869"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2870","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2870"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2875","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2875"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2876","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2876"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2878","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2878"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2879","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2879"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2880","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2880"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=715531","reference_id":"715531","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=715531"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=983204","reference_id":"983204","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=983204"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-2877","reference_id":"CVE-2013-2877","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-2877"},{"reference_url":"https://security.gentoo.org/glsa/201309-16","reference_id":"GLSA-201309-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-16"},{"reference_url":"https://security.gentoo.org/glsa/201311-06","reference_id":"GLSA-201311-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-06"},{"reference_url":"https://security.gentoo.org/glsa/201412-11","reference_id":"GLSA-201412-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0513","reference_id":"RHSA-2014:0513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0513"},{"reference_url":"https://usn.ubuntu.com/1904-1/","reference_id":"USN-1904-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1904-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4599?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5"}],"aliases":["CVE-2013-2877"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-43m9-cg6h-nuet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5277?format=json","vulnerability_id":"VCID-4sg9-pjmx-6kfy","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3541.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3541.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3541","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.19048","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.19028","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.1908","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.19008","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.19122","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.19121","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3541"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1950515","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1950515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3541"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210805-0007/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20210805-0007/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988603","reference_id":"988603","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988603"},{"reference_url":"https://security.archlinux.org/AVG-1883","reference_id":"AVG-1883","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1883"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3541","reference_id":"CVE-2021-3541","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2569","reference_id":"RHSA-2021:2569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1389","reference_id":"RHSA-2022:1389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1390","reference_id":"RHSA-2022:1390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1390"},{"reference_url":"https://usn.ubuntu.com/4991-1/","reference_id":"USN-4991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2021-3541"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4sg9-pjmx-6kfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4369?format=json","vulnerability_id":"VCID-512y-x2fd-4uh5","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5130.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5130.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5130","reference_id":"","reference_type":"","scores":[{"value":"0.01165","scoring_system":"epss","scoring_elements":"0.78999","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01165","scoring_system":"epss","scoring_elements":"0.78968","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01165","scoring_system":"epss","scoring_elements":"0.78995","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01165","scoring_system":"epss","scoring_elements":"0.79001","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01165","scoring_system":"epss","scoring_elements":"0.78992","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01165","scoring_system":"epss","scoring_elements":"0.78981","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5130"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/101482","reference_id":"101482","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/"}],"url":"http://www.securityfocus.com/bid/101482"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1503537","reference_id":"1503537","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1503537"},{"reference_url":"https://crbug.com/722079","reference_id":"722079","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/"}],"url":"https://crbug.com/722079"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880000","reference_id":"880000","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880000"},{"reference_url":"https://security.archlinux.org/ASA-201710-27","reference_id":"ASA-201710-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201710-27"},{"reference_url":"https://security.archlinux.org/AVG-456","reference_id":"AVG-456","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-456"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5130","reference_id":"CVE-2017-5130","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5130"},{"reference_url":"https://security.gentoo.org/glsa/201710-24","reference_id":"GLSA-201710-24","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/"}],"url":"https://security.gentoo.org/glsa/201710-24"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed","reference_id":"?id=897dffbae322b46b83f99a607d527058a72c51ed","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/"}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=897dffbae322b46b83f99a607d527058a72c51ed"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html","reference_id":"msg00034.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00034.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2997","reference_id":"RHSA-2017:2997","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:2997"},{"reference_url":"http://bugzilla.gnome.org/show_bug.cgi?id=783026","reference_id":"show_bug.cgi?id=783026","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/"}],"url":"http://bugzilla.gnome.org/show_bug.cgi?id=783026"},{"reference_url":"https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T22:02:28Z/"}],"url":"https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"}],"aliases":["CVE-2017-5130"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-512y-x2fd-4uh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45025?format=json","vulnerability_id":"VCID-5dmr-9sh2-w3hk","summary":"This advisory has been invalidated.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28484.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28484.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28484","reference_id":"","reference_type":"","scores":[{"value":"0.00388","scoring_system":"epss","scoring_elements":"0.60241","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61232","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61243","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.6123","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61212","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/491","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/491"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html"},{"reference_url":"https://nokogiri.org/CHANGELOG.html#1143-2023-04-11","reference_id":"","reference_type":"","scores":[],"url":"https://nokogiri.org/CHANGELOG.html#1143-2023-04-11"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034436","reference_id":"1034436","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034436"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2185994","reference_id":"2185994","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2185994"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28484","reference_id":"CVE-2023-28484","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28484"},{"reference_url":"https://security.gentoo.org/glsa/202402-11","reference_id":"GLSA-202402-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230601-0006/","reference_id":"ntap-20230601-0006","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230601-0006/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0005/","reference_id":"ntap-20240201-0005","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-05T16:58:14Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0005/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4349","reference_id":"RHSA-2023:4349","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4529","reference_id":"RHSA-2023:4529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4628","reference_id":"RHSA-2023:4628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0413","reference_id":"RHSA-2024:0413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0413"},{"reference_url":"https://usn.ubuntu.com/6028-1/","reference_id":"USN-6028-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6028-1/"},{"reference_url":"https://usn.ubuntu.com/6028-2/","reference_id":"USN-6028-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6028-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2023-28484"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5dmr-9sh2-w3hk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77999?format=json","vulnerability_id":"VCID-5er3-1kbw-33gt","summary":"libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document.  NOTE: The maintainer states \"I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5969.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5969.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5969","reference_id":"","reference_type":"","scores":[{"value":"0.03505","scoring_system":"epss","scoring_elements":"0.87831","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03505","scoring_system":"epss","scoring_elements":"0.87852","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03505","scoring_system":"epss","scoring_elements":"0.87854","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03505","scoring_system":"epss","scoring_elements":"0.87855","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03505","scoring_system":"epss","scoring_elements":"0.87857","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03505","scoring_system":"epss","scoring_elements":"0.87869","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5969"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1421996","reference_id":"1421996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1421996"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855001","reference_id":"855001","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855001"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"}],"aliases":["CVE-2017-5969"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5er3-1kbw-33gt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78001?format=json","vulnerability_id":"VCID-5g9a-2484-rucp","summary":"An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40304.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40304.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40304","reference_id":"","reference_type":"","scores":[{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44511","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44546","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44581","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44589","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44567","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44532","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3"},{"reference_url":"https://nokogiri.org/CHANGELOG.html#1139-2022-10-18","reference_id":"","reference_type":"","scores":[],"url":"https://nokogiri.org/CHANGELOG.html#1139-2022-10-18"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022225","reference_id":"1022225","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022225"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Dec/21","reference_id":"21","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Dec/21"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2136288","reference_id":"2136288","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2136288"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Dec/24","reference_id":"24","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Dec/24"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Dec/25","reference_id":"25","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Dec/25"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Dec/26","reference_id":"26","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Dec/26"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Dec/27","reference_id":"27","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Dec/27"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40304","reference_id":"CVE-2022-40304","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40304"},{"reference_url":"https://security.gentoo.org/glsa/202210-39","reference_id":"GLSA-202210-39","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-39"},{"reference_url":"https://support.apple.com/kb/HT213531","reference_id":"HT213531","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"https://support.apple.com/kb/HT213531"},{"reference_url":"https://support.apple.com/kb/HT213533","reference_id":"HT213533","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"https://support.apple.com/kb/HT213533"},{"reference_url":"https://support.apple.com/kb/HT213534","reference_id":"HT213534","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"https://support.apple.com/kb/HT213534"},{"reference_url":"https://support.apple.com/kb/HT213535","reference_id":"HT213535","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"https://support.apple.com/kb/HT213535"},{"reference_url":"https://support.apple.com/kb/HT213536","reference_id":"HT213536","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"https://support.apple.com/kb/HT213536"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221209-0003/","reference_id":"ntap-20221209-0003","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T19:47:33Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221209-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0173","reference_id":"RHSA-2023:0173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0338","reference_id":"RHSA-2023:0338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0413","reference_id":"RHSA-2024:0413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0413"},{"reference_url":"https://usn.ubuntu.com/5760-1/","reference_id":"USN-5760-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5760-1/"},{"reference_url":"https://usn.ubuntu.com/5760-2/","reference_id":"USN-5760-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5760-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2022-40304"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5g9a-2484-rucp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77985?format=json","vulnerability_id":"VCID-5rs7-d9hu-rke7","summary":"Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2834.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2834.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2834","reference_id":"","reference_type":"","scores":[{"value":"0.029","scoring_system":"epss","scoring_elements":"0.86617","published_at":"2026-06-04T12:55:00Z"},{"value":"0.029","scoring_system":"epss","scoring_elements":"0.8664","published_at":"2026-06-06T12:55:00Z"},{"value":"0.029","scoring_system":"epss","scoring_elements":"0.86635","published_at":"2026-06-07T12:55:00Z"},{"value":"0.029","scoring_system":"epss","scoring_elements":"0.86625","published_at":"2026-06-08T12:55:00Z"},{"value":"0.029","scoring_system":"epss","scoring_elements":"0.86637","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2834"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643648","reference_id":"643648","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643648"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=735751","reference_id":"735751","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=735751"},{"reference_url":"https://security.gentoo.org/glsa/201110-26","reference_id":"GLSA-201110-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-26"},{"reference_url":"https://security.gentoo.org/glsa/201111-01","reference_id":"GLSA-201111-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201111-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1749","reference_id":"RHSA-2011:1749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0016","reference_id":"RHSA-2012:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0017","reference_id":"RHSA-2012:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0217","reference_id":"RHSA-2013:0217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0217"},{"reference_url":"https://usn.ubuntu.com/1334-1/","reference_id":"USN-1334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1334-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["CVE-2011-2834"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5rs7-d9hu-rke7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37981?format=json","vulnerability_id":"VCID-5z25-mem7-hfcx","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 allows context-dependent attackers to cause a denial of service via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7497.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7497.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7497","reference_id":"","reference_type":"","scores":[{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78938","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78965","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78971","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78962","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.7895","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78968","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281862","reference_id":"1281862","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281862"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7497","reference_id":"CVE-2015-7497","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-7497"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5z25-mem7-hfcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38252?format=json","vulnerability_id":"VCID-6bw6-4huq-dqex","summary":"Improper Restriction of XML External Entity Reference\nlibxml2, as used in XMLSec and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9318.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9318.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9318","reference_id":"","reference_type":"","scores":[{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30308","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30303","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30382","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30347","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30319","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30287","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9318"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395609","reference_id":"1395609","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395609"},{"reference_url":"https://usn.ubuntu.com/3739-2/","reference_id":"3739-2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/"}],"url":"https://usn.ubuntu.com/3739-2/"},{"reference_url":"https://github.com/lsh123/xmlsec/issues/43","reference_id":"43","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/"}],"url":"https://github.com/lsh123/xmlsec/issues/43"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844581","reference_id":"844581","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844581"},{"reference_url":"http://www.securityfocus.com/bid/94347","reference_id":"94347","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/"}],"url":"http://www.securityfocus.com/bid/94347"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9318","reference_id":"CVE-2016-9318","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9318"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=772726","reference_id":"show_bug.cgi?id=772726","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T16:39:51Z/"}],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=772726"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2016-9318"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bw6-4huq-dqex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38052?format=json","vulnerability_id":"VCID-6hc4-jdej-gkcp","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlNextChar function in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1762.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1762.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1762","reference_id":"","reference_type":"","scores":[{"value":"0.02419","scoring_system":"epss","scoring_elements":"0.85423","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02419","scoring_system":"epss","scoring_elements":"0.85424","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02419","scoring_system":"epss","scoring_elements":"0.85429","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02419","scoring_system":"epss","scoring_elements":"0.85409","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02419","scoring_system":"epss","scoring_elements":"0.854","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"http://www.securitytracker.com/id/1035353","reference_id":"1035353","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/"}],"url":"http://www.securitytracker.com/id/1035353"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338711","reference_id":"1338711","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338711"},{"reference_url":"http://www.securityfocus.com/bid/85059","reference_id":"85059","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/"}],"url":"http://www.securityfocus.com/bid/85059"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1762","reference_id":"CVE-2016-1762","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1762"},{"reference_url":"https://support.apple.com/HT206171","reference_id":"HT206171","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/"}],"url":"https://support.apple.com/HT206171"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602","reference_id":"?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/"}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=a7a94612aa3b16779e2c74e1fa353b5d9786c602"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170","reference_id":"index?page=content&id=SB10170","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html","reference_id":"msg00005.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/"}],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"ovmbulletinjul2016-3090546.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html","reference_id":"RHSA-2016-2957.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=759671","reference_id":"show_bug.cgi?id=759671","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:04:28Z/"}],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=759671"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-1762"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6hc4-jdej-gkcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3272?format=json","vulnerability_id":"VCID-6rnb-qe59-sbfy","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49796.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49796.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49796","reference_id":"","reference_type":"","scores":[{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.83061","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.8306","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.83057","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.83049","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49796"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107752","reference_id":"1107752","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107752"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372385","reference_id":"2372385","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372385"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/933","reference_id":"933","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/933"},{"reference_url":"https://security.archlinux.org/AVG-2898","reference_id":"AVG-2898","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2898"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9","reference_id":"cpe:/a:redhat:cert_manager:1.16::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9","reference_id":"cpe:/a:redhat:discovery:2::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1","reference_id":"cpe:/a:redhat:hummingbird:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9","reference_id":"cpe:/a:redhat:insights_proxy:1.5::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1","reference_id":"cpe:/a:redhat:jboss_core_services:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8","reference_id":"cpe:/a:redhat:openshift:4.12::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9","reference_id":"cpe:/a:redhat:openshift:4.13::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9","reference_id":"cpe:/a:redhat:openshift:4.14::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9","reference_id":"cpe:/a:redhat:openshift:4.17::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9","reference_id":"cpe:/a:redhat:openshift:4.18::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9","reference_id":"cpe:/a:redhat:openshift:4.19::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9","reference_id":"cpe:/a:redhat:openshift:4.20::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_file_integrity_operator:1::el9","reference_id":"cpe:/a:redhat:openshift_file_integrity_operator:1::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_file_integrity_operator:1::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8","reference_id":"cpe:/a:redhat:openshift_serverless:1.36::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9","reference_id":"cpe:/a:redhat:webterminal:1.11::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9","reference_id":"cpe:/a:redhat:webterminal:1.12::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:9.0::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:9.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49796","reference_id":"CVE-2025-49796","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10630","reference_id":"RHSA-2025:10630","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10698","reference_id":"RHSA-2025:10698","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10699","reference_id":"RHSA-2025:10699","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11580","reference_id":"RHSA-2025:11580","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:11580"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12098","reference_id":"RHSA-2025:12098","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12099","reference_id":"RHSA-2025:12099","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12199","reference_id":"RHSA-2025:12199","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12237","reference_id":"RHSA-2025:12237","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12239","reference_id":"RHSA-2025:12239","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12240","reference_id":"RHSA-2025:12240","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12241","reference_id":"RHSA-2025:12241","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13267","reference_id":"RHSA-2025:13267","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13335","reference_id":"RHSA-2025:13335","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:13335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15397","reference_id":"RHSA-2025:15397","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:15397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15827","reference_id":"RHSA-2025:15827","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:15827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15828","reference_id":"RHSA-2025:15828","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:15828"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18217","reference_id":"RHSA-2025:18217","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:18217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18218","reference_id":"RHSA-2025:18218","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:18218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18219","reference_id":"RHSA-2025:18219","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:18219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18240","reference_id":"RHSA-2025:18240","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:18240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19020","reference_id":"RHSA-2025:19020","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19041","reference_id":"RHSA-2025:19041","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19046","reference_id":"RHSA-2025:19046","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19894","reference_id":"RHSA-2025:19894","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19894"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21913","reference_id":"RHSA-2025:21913","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21913"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7519","reference_id":"RHSA-2026:7519","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:32:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:7519"},{"reference_url":"https://usn.ubuntu.com/7694-1/","reference_id":"USN-7694-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7694-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2025-49796"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rnb-qe59-sbfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5278?format=json","vulnerability_id":"VCID-6t8y-27ba-cfa2","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3537.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3537.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3537","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29128","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29146","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29216","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29116","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29148","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29183","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3537"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956522","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956522"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3537"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3537.yml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3537.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/"},{"reference_url":"https://nokogiri.org/CHANGELOG.html#1114-2021-05-14","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":""},{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nokogiri.org/CHANGELOG.html#1114-2021-05-14"},{"reference_url":"https://security.gentoo.org/glsa/202107-05","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202107-05"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210625-0002","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20210625-0002"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210625-0002/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20210625-0002/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988123","reference_id":"988123","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988123"},{"reference_url":"https://security.archlinux.org/AVG-1883","reference_id":"AVG-1883","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1883"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3537","reference_id":"CVE-2021-3537","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3537"},{"reference_url":"https://github.com/advisories/GHSA-286v-pcf5-25rc","reference_id":"GHSA-286v-pcf5-25rc","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-286v-pcf5-25rc"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2569","reference_id":"RHSA-2021:2569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1389","reference_id":"RHSA-2022:1389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1390","reference_id":"RHSA-2022:1390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1390"},{"reference_url":"https://usn.ubuntu.com/4991-1/","reference_id":"USN-4991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2021-3537","GHSA-286v-pcf5-25rc"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6t8y-27ba-cfa2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37470?format=json","vulnerability_id":"VCID-7qqd-ze42-ayab","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2, as used in Google Chrome and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5134.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5134.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5134","reference_id":"","reference_type":"","scores":[{"value":"0.02065","scoring_system":"epss","scoring_elements":"0.84241","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02065","scoring_system":"epss","scoring_elements":"0.84264","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02065","scoring_system":"epss","scoring_elements":"0.84267","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02065","scoring_system":"epss","scoring_elements":"0.84261","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02065","scoring_system":"epss","scoring_elements":"0.84249","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02065","scoring_system":"epss","scoring_elements":"0.84262","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5134"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694521","reference_id":"694521","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694521"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=880466","reference_id":"880466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=880466"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5134","reference_id":"CVE-2012-5134","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5134"},{"reference_url":"https://security.gentoo.org/glsa/201311-06","reference_id":"GLSA-201311-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1512","reference_id":"RHSA-2012:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0217","reference_id":"RHSA-2013:0217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0217"},{"reference_url":"https://usn.ubuntu.com/1656-1/","reference_id":"USN-1656-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1656-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["CVE-2012-5134"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7qqd-ze42-ayab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77971?format=json","vulnerability_id":"VCID-7x6g-x68k-tuc4","summary":"libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3281.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3281.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3281","reference_id":"","reference_type":"","scores":[{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74439","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74471","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74477","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74465","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74447","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00802","scoring_system":"epss","scoring_elements":"0.74474","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=458086","reference_id":"458086","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=458086"},{"reference_url":"https://security.gentoo.org/glsa/200812-06","reference_id":"GLSA-200812-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0836","reference_id":"RHSA-2008:0836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0836"},{"reference_url":"https://usn.ubuntu.com/640-1/","reference_id":"USN-640-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/640-1/"},{"reference_url":"https://usn.ubuntu.com/644-1/","reference_id":"USN-644-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/644-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4595?format=json","purl":"pkg:deb/debian/libxml2@2.6.32.dfsg-5%2Blenny5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2rbs-7dzf-wffv"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5rs7-d9hu-rke7"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-7qqd-ze42-ayab"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-b2jx-djjd-rbdx"},{"vulnerability":"VCID-b37v-a8em-gkfr"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-bqh3-eze3-3qbv"},{"vulnerability":"VCID-brg4-2x5t-akac"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-dmdw-gyj9-2ye5"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-fynm-ftmy-47eg"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jgtz-3gkg-dkbu"},{"vulnerability":"VCID-jn88-q5mn-37gz"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kmvz-pynk-p7fn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-p8us-th5q-yuey"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rzc3-s4fv-7fhp"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-uqus-6prc-w7dh"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-v22x-mq8p-8qc7"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-xse1-pmep-nqdc"},{"vulnerability":"VCID-xxpz-ak6z-5ufn"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.32.dfsg-5%252Blenny5"}],"aliases":["CVE-2008-3281"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7x6g-x68k-tuc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52166?format=json","vulnerability_id":"VCID-81dv-y5sg-9kgq","summary":"Missing Release of Memory after Effective Lifetime\nxmlSchemaPreRun in xmlschemas.c in libxml2 allows an xmlSchemaValidateStream memory leak.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20388.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20388","reference_id":"","reference_type":"","scores":[{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70289","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70307","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70298","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.703","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70278","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70256","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20388"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20388","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20388"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1799734","reference_id":"1799734","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1799734"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/","reference_id":"545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/","reference_id":"5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68","reference_id":"68","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949583","reference_id":"949583","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949583"},{"reference_url":"https://security.archlinux.org/ASA-202011-15","reference_id":"ASA-202011-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-15"},{"reference_url":"https://security.archlinux.org/AVG-1263","reference_id":"AVG-1263","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1263"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-20388","reference_id":"CVE-2019-20388","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-20388"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/","reference_id":"JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:50:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2644","reference_id":"RHSA-2020:2644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2646","reference_id":"RHSA-2020:2646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3996","reference_id":"RHSA-2020:3996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4479","reference_id":"RHSA-2020:4479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0949","reference_id":"RHSA-2021:0949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0949"},{"reference_url":"https://usn.ubuntu.com/4991-1/","reference_id":"USN-4991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2019-20388"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-81dv-y5sg-9kgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45926?format=json","vulnerability_id":"VCID-81t2-tsq4-x7ce","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nXmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39615.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39615.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39615","reference_id":"","reference_type":"","scores":[{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30139","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30154","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30124","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30221","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30185","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-39615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39615"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/535","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:25:30Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/535"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051230","reference_id":"1051230","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051230"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235864","reference_id":"2235864","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235864"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-39615","reference_id":"CVE-2023-39615","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-39615"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7544","reference_id":"RHSA-2023:7544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7626","reference_id":"RHSA-2023:7626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7747","reference_id":"RHSA-2023:7747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0119","reference_id":"RHSA-2024:0119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0413","reference_id":"RHSA-2024:0413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1317","reference_id":"RHSA-2024:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1383","reference_id":"RHSA-2024:1383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1477","reference_id":"RHSA-2024:1477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1477"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2023-39615"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-81t2-tsq4-x7ce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37982?format=json","vulnerability_id":"VCID-8719-hux3-fugq","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7498.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7498.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7498","reference_id":"","reference_type":"","scores":[{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78938","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78965","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78971","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78962","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.7895","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78968","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281879","reference_id":"1281879","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281879"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7498","reference_id":"CVE-2015-7498","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-7498"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8719-hux3-fugq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77969?format=json","vulnerability_id":"VCID-8ufh-w88r-kuc3","summary":"The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6284.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6284.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6284","reference_id":"","reference_type":"","scores":[{"value":"0.05097","scoring_system":"epss","scoring_elements":"0.89991","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05097","scoring_system":"epss","scoring_elements":"0.90007","published_at":"2026-06-05T12:55:00Z"},{"value":"0.05097","scoring_system":"epss","scoring_elements":"0.90006","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05546","scoring_system":"epss","scoring_elements":"0.90442","published_at":"2026-06-07T12:55:00Z"},{"value":"0.05546","scoring_system":"epss","scoring_elements":"0.9044","published_at":"2026-06-08T12:55:00Z"},{"value":"0.05546","scoring_system":"epss","scoring_elements":"0.90457","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-6284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=425927","reference_id":"425927","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=425927"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=460292","reference_id":"460292","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=460292"},{"reference_url":"https://security.gentoo.org/glsa/200801-20","reference_id":"GLSA-200801-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200801-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0032","reference_id":"RHSA-2008:0032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0032"},{"reference_url":"https://usn.ubuntu.com/569-1/","reference_id":"USN-569-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/569-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4595?format=json","purl":"pkg:deb/debian/libxml2@2.6.32.dfsg-5%2Blenny5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2rbs-7dzf-wffv"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5rs7-d9hu-rke7"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-7qqd-ze42-ayab"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-b2jx-djjd-rbdx"},{"vulnerability":"VCID-b37v-a8em-gkfr"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-bqh3-eze3-3qbv"},{"vulnerability":"VCID-brg4-2x5t-akac"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-dmdw-gyj9-2ye5"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-fynm-ftmy-47eg"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jgtz-3gkg-dkbu"},{"vulnerability":"VCID-jn88-q5mn-37gz"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kmvz-pynk-p7fn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-p8us-th5q-yuey"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rzc3-s4fv-7fhp"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-uqus-6prc-w7dh"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-v22x-mq8p-8qc7"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-xse1-pmep-nqdc"},{"vulnerability":"VCID-xxpz-ak6z-5ufn"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.32.dfsg-5%252Blenny5"}],"aliases":["CVE-2007-6284"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ufh-w88r-kuc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77997?format=json","vulnerability_id":"VCID-9d2s-f8da-pkgg","summary":"Possible cross-site scripting vulnerability in libxml after commit 960f0e2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3709.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3709.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3709","reference_id":"","reference_type":"","scores":[{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38501","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.3859","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38593","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38565","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38537","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38547","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3709"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3709","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3709"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112766","reference_id":"2112766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7715","reference_id":"RHSA-2022:7715","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4767","reference_id":"RHSA-2023:4767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4767"},{"reference_url":"https://usn.ubuntu.com/5548-1/","reference_id":"USN-5548-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5548-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2016-3709"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9d2s-f8da-pkgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4780?format=json","vulnerability_id":"VCID-9m3t-anwb-4fbx","summary":"arbitrary code execution","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4658.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4658.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4658","reference_id":"","reference_type":"","scores":[{"value":"0.15391","scoring_system":"epss","scoring_elements":"0.94784","published_at":"2026-06-09T12:55:00Z"},{"value":"0.15391","scoring_system":"epss","scoring_elements":"0.94767","published_at":"2026-06-04T12:55:00Z"},{"value":"0.15391","scoring_system":"epss","scoring_elements":"0.94776","published_at":"2026-06-05T12:55:00Z"},{"value":"0.15391","scoring_system":"epss","scoring_elements":"0.94777","published_at":"2026-06-06T12:55:00Z"},{"value":"0.15391","scoring_system":"epss","scoring_elements":"0.94779","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1615","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1615"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://support.apple.com/HT207141","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT207141"},{"reference_url":"https://support.apple.com/HT207142","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT207142"},{"reference_url":"https://support.apple.com/HT207143","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT207143"},{"reference_url":"https://support.apple.com/HT207170","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT207170"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1384424","reference_id":"1384424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1384424"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553","reference_id":"840553","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553"},{"reference_url":"https://security.archlinux.org/ASA-201611-2","reference_id":"ASA-201611-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-2"},{"reference_url":"https://security.archlinux.org/AVG-56","reference_id":"AVG-56","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-56"},{"reference_url":"http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4448.html","reference_id":"CVE-2016-4448.HTML","reference_type":"","scores":[],"url":"http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4448.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4658","reference_id":"CVE-2016-4658","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4658"},{"reference_url":"http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html","reference_id":"CVE-2016-4658.HTML","reference_type":"","scores":[],"url":"http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html"},{"reference_url":"http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html","reference_id":"CVE-2016-5131.HTML","reference_type":"","scores":[],"url":"http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html"},{"reference_url":"https://github.com/advisories/GHSA-fr52-4hqw-p27f","reference_id":"GHSA-fr52-4hqw-p27f","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fr52-4hqw-p27f"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3810","reference_id":"RHSA-2021:3810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3810"},{"reference_url":"https://usn.ubuntu.com/3235-1/","reference_id":"USN-3235-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3235-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-4658","GHSA-fr52-4hqw-p27f"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9m3t-anwb-4fbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52122?format=json","vulnerability_id":"VCID-9usm-m2ey-7qad","summary":"Missing Release of Memory after Effective Lifetime\nxmlParseBalancedChunkMemoryRecover in parser.c in libxml2 has a memory leak related to newDoc->oldNs.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19956.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19956.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19956","reference_id":"","reference_type":"","scores":[{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43422","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43389","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43462","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43472","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43448","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43414","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19956"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788856","reference_id":"1788856","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1788856"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549","reference_id":"5a02583c7e683896d84878bd90641d8d9b0d0549","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/","reference_id":"5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19956","reference_id":"CVE-2019-19956","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-19956"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/","reference_id":"JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html","reference_id":"msg00005.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html","reference_id":"msg00032.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200114-0002/","reference_id":"ntap-20200114-0002","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T18:29:09Z/"}],"url":"https://security.netapp.com/advisory/ntap-20200114-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2644","reference_id":"RHSA-2020:2644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2646","reference_id":"RHSA-2020:2646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3996","reference_id":"RHSA-2020:3996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4479","reference_id":"RHSA-2020:4479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0949","reference_id":"RHSA-2021:0949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0949"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2019-19956"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9usm-m2ey-7qad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38108?format=json","vulnerability_id":"VCID-a611-3sqz-bkac","summary":"Improper Input Validation\nThe xmlStringGetNodeList function in tree.c in libxml2, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3627.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3627.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3627","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24968","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24851","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24843","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24873","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24901","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24956","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://seclists.org/fulldisclosure/2016/May/10","reference_id":"10","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://seclists.org/fulldisclosure/2016/May/10"},{"reference_url":"http://www.securitytracker.com/id/1035335","reference_id":"1035335","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.securitytracker.com/id/1035335"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1319829","reference_id":"1319829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1319829"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/03/21/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2016/03/21/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/03/21/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2016/03/21/3"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819006","reference_id":"819006","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819006"},{"reference_url":"http://www.securityfocus.com/bid/84992","reference_id":"84992","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.securityfocus.com/bid/84992"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-3627","reference_id":"CVE-2016-3627","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-3627"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239","reference_id":"docDisplay?docId=emr_na-c05157239","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170","reference_id":"index?page=content&id=SB10170","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html","reference_id":"msg00055.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html","reference_id":"msg00127.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"ovmbulletinjul2016-3090546.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html","reference_id":"RHSA-2016-2957.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-3627"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a611-3sqz-bkac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76718?format=json","vulnerability_id":"VCID-aj7d-6vcp-7yey","summary":"libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9714.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9714.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9714","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01354","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01737","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01729","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01724","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-9714"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9714"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392605","reference_id":"2392605","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392605"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21","reference_id":"677a42645ef22b5a50741bad5facf9d8a8bc6d21","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-10T18:46:42Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22162","reference_id":"RHSA-2025:22162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22163","reference_id":"RHSA-2025:22163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22177","reference_id":"RHSA-2025:22177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22376","reference_id":"RHSA-2025:22376","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22377","reference_id":"RHSA-2025:22377","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22868","reference_id":"RHSA-2025:22868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23202","reference_id":"RHSA-2025:23202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23204","reference_id":"RHSA-2025:23204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23205","reference_id":"RHSA-2025:23205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23209","reference_id":"RHSA-2025:23209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23227","reference_id":"RHSA-2025:23227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23234","reference_id":"RHSA-2025:23234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23449","reference_id":"RHSA-2025:23449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0414","reference_id":"RHSA-2026:0414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0677","reference_id":"RHSA-2026:0677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0702","reference_id":"RHSA-2026:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0978","reference_id":"RHSA-2026:0978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0980","reference_id":"RHSA-2026:0980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0985","reference_id":"RHSA-2026:0985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0985"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0996","reference_id":"RHSA-2026:0996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11349","reference_id":"RHSA-2026:11349","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14832","reference_id":"RHSA-2026:14832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14858","reference_id":"RHSA-2026:14858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1539","reference_id":"RHSA-2026:1539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1539"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1541","reference_id":"RHSA-2026:1541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15967","reference_id":"RHSA-2026:15967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1652","reference_id":"RHSA-2026:1652","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1652"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21695","reference_id":"RHSA-2026:21695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22420","reference_id":"RHSA-2026:22420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3461","reference_id":"RHSA-2026:3461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3462","reference_id":"RHSA-2026:3462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7519","reference_id":"RHSA-2026:7519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7519"},{"reference_url":"https://usn.ubuntu.com/7743-1/","reference_id":"USN-7743-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7743-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2025-9714"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aj7d-6vcp-7yey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40102?format=json","vulnerability_id":"VCID-akrb-6bu8-nqfq","summary":"NULL Pointer Dereference\nA NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1543","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1543"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14404.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14404.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14404","reference_id":"","reference_type":"","scores":[{"value":"0.20012","scoring_system":"epss","scoring_elements":"0.95595","published_at":"2026-06-05T12:55:00Z"},{"value":"0.20012","scoring_system":"epss","scoring_elements":"0.95589","published_at":"2026-06-04T12:55:00Z"},{"value":"0.20012","scoring_system":"epss","scoring_elements":"0.95605","published_at":"2026-06-09T12:55:00Z"},{"value":"0.20012","scoring_system":"epss","scoring_elements":"0.95602","published_at":"2026-06-08T12:55:00Z"},{"value":"0.20012","scoring_system":"epss","scoring_elements":"0.95601","published_at":"2026-06-07T12:55:00Z"},{"value":"0.20012","scoring_system":"epss","scoring_elements":"0.95598","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14404"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/"}],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595985","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14404"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1785","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1785"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/issues/10","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/issues/10"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190719-0002","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190719-0002"},{"reference_url":"https://usn.ubuntu.com/3739-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/3739-1"},{"reference_url":"https://usn.ubuntu.com/3739-2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/3739-2"},{"reference_url":"https://usn.ubuntu.com/3739-2/","reference_id":"3739-2","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/"}],"url":"https://usn.ubuntu.com/3739-2/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14404","reference_id":"CVE-2018-14404","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14404"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-14404.yml","reference_id":"CVE-2018-14404.YML","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2018-14404.yml"},{"reference_url":"https://github.com/advisories/GHSA-6qvp-r6r3-9p7h","reference_id":"GHSA-6qvp-r6r3-9p7h","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6qvp-r6r3-9p7h"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190719-0002/","reference_id":"ntap-20190719-0002","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:07:49Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190719-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1190","reference_id":"RHSA-2020:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1827","reference_id":"RHSA-2020:1827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1827"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2018-14404","GHSA-6qvp-r6r3-9p7h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-akrb-6bu8-nqfq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38138?format=json","vulnerability_id":"VCID-anzu-y37j-dbc2","summary":"Improper Input Validation\nXML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4449.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4449.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4449","reference_id":"","reference_type":"","scores":[{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.3116","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31114","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31193","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31125","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31124","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31092","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338701","reference_id":"1338701","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338701"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4449","reference_id":"CVE-2016-4449","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-4449"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-anzu-y37j-dbc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40179?format=json","vulnerability_id":"VCID-aqrr-3ej8-ukaa","summary":"Loop with Unreachable Exit Condition ('Infinite Loop')\nlibxml2, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14567.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14567.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14567","reference_id":"","reference_type":"","scores":[{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71903","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71942","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.7195","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71928","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71913","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71936","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14567"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1619875","reference_id":"1619875","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1619875"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14567","reference_id":"CVE-2018-14567","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1190","reference_id":"RHSA-2020:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1190"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2018-14567"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aqrr-3ej8-ukaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77991?format=json","vulnerability_id":"VCID-b2jx-djjd-rbdx","summary":"Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2807.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2807","reference_id":"","reference_type":"","scores":[{"value":"0.01544","scoring_system":"epss","scoring_elements":"0.81717","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01544","scoring_system":"epss","scoring_elements":"0.81748","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01544","scoring_system":"epss","scoring_elements":"0.81749","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01544","scoring_system":"epss","scoring_elements":"0.81742","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01544","scoring_system":"epss","scoring_elements":"0.81757","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2807"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=679280","reference_id":"679280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=679280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=835863","reference_id":"835863","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=835863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1288","reference_id":"RHSA-2012:1288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1288"},{"reference_url":"https://usn.ubuntu.com/1587-1/","reference_id":"USN-1587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1587-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["CVE-2012-2807"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b2jx-djjd-rbdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77978?format=json","vulnerability_id":"VCID-b37v-a8em-gkfr","summary":"Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2414.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2414.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2414","reference_id":"","reference_type":"","scores":[{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.79991","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.80016","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.80021","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.80015","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.80005","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01289","scoring_system":"epss","scoring_elements":"0.80024","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2414"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2414"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=515195","reference_id":"515195","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=515195"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540865","reference_id":"540865","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540865"},{"reference_url":"https://security.gentoo.org/glsa/201009-07","reference_id":"GLSA-201009-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201009-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1206","reference_id":"RHSA-2009:1206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1206"},{"reference_url":"https://usn.ubuntu.com/815-1/","reference_id":"USN-815-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/815-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4596?format=json","purl":"pkg:deb/debian/libxml2@2.7.8.dfsg-2%2Bsqueeze8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2rbs-7dzf-wffv"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5rs7-d9hu-rke7"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-7qqd-ze42-ayab"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-b2jx-djjd-rbdx"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-bqh3-eze3-3qbv"},{"vulnerability":"VCID-brg4-2x5t-akac"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-dmdw-gyj9-2ye5"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jgtz-3gkg-dkbu"},{"vulnerability":"VCID-jn88-q5mn-37gz"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kmvz-pynk-p7fn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-p8us-th5q-yuey"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rzc3-s4fv-7fhp"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-v22x-mq8p-8qc7"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-xxpz-ak6z-5ufn"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-2%252Bsqueeze8"}],"aliases":["CVE-2009-2414"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b37v-a8em-gkfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4945?format=json","vulnerability_id":"VCID-bgcq-x9bd-83ap","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23308.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23308.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23308","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22494","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22471","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22516","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22467","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22578","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22565","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23308"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/GNOME/libxml2/commit/652dd12a858989b14eed4e84e453059cd3ba340e"},{"reference_url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.9.13/NEWS"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006489","reference_id":"1006489","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006489"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2056913","reference_id":"2056913","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2056913"},{"reference_url":"https://security.archlinux.org/AVG-2726","reference_id":"AVG-2726","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2726"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23308","reference_id":"CVE-2022-23308","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23308"},{"reference_url":"https://security.gentoo.org/glsa/202210-03","reference_id":"GLSA-202210-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0899","reference_id":"RHSA-2022:0899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1389","reference_id":"RHSA-2022:1389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1390","reference_id":"RHSA-2022:1390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1390"},{"reference_url":"https://usn.ubuntu.com/5324-1/","reference_id":"USN-5324-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5324-1/"},{"reference_url":"https://usn.ubuntu.com/5422-1/","reference_id":"USN-5422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2022-23308"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bgcq-x9bd-83ap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37984?format=json","vulnerability_id":"VCID-bksc-y3j7-ufek","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseMisc function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7500.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7500.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7500","reference_id":"","reference_type":"","scores":[{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80737","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80764","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80766","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80763","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80759","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80779","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281943","reference_id":"1281943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281943"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7500","reference_id":"CVE-2015-7500","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-7500"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bksc-y3j7-ufek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77994?format=json","vulnerability_id":"VCID-bm7f-1hbr-dyfx","summary":"The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless of whether entity substitution or validation is enabled, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0191.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0191.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0191","reference_id":"","reference_type":"","scores":[{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70852","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70844","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70845","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70802","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70834","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70821","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0191"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1090976","reference_id":"1090976","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1090976"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747309","reference_id":"747309","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=747309"},{"reference_url":"https://security.gentoo.org/glsa/201409-08","reference_id":"GLSA-201409-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201409-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0513","reference_id":"RHSA-2014:0513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0749","reference_id":"RHSA-2015:0749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0749"},{"reference_url":"https://usn.ubuntu.com/2214-1/","reference_id":"USN-2214-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2214-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4599?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5"}],"aliases":["CVE-2014-0191"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bm7f-1hbr-dyfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77989?format=json","vulnerability_id":"VCID-bqh3-eze3-3qbv","summary":"libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3905.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3905.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3905","reference_id":"","reference_type":"","scores":[{"value":"0.01212","scoring_system":"epss","scoring_elements":"0.79321","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01212","scoring_system":"epss","scoring_elements":"0.79347","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01212","scoring_system":"epss","scoring_elements":"0.79352","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01212","scoring_system":"epss","scoring_elements":"0.79344","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01212","scoring_system":"epss","scoring_elements":"0.79335","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01212","scoring_system":"epss","scoring_elements":"0.79353","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3905"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3905"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652352","reference_id":"652352","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652352"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=767387","reference_id":"767387","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=767387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0016","reference_id":"RHSA-2012:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0017","reference_id":"RHSA-2012:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0018","reference_id":"RHSA-2012:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0217","reference_id":"RHSA-2013:0217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0217"},{"reference_url":"https://usn.ubuntu.com/1334-1/","reference_id":"USN-1334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1334-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["CVE-2011-3905"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bqh3-eze3-3qbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/319641?format=json","vulnerability_id":"VCID-brg4-2x5t-akac","summary":"regression update","references":[],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["DSA-3057-2 libxml2"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-brg4-2x5t-akac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3274?format=json","vulnerability_id":"VCID-c16x-s3zb-bbef","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49794.json","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49794.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49794","reference_id":"","reference_type":"","scores":[{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63806","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.638","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63807","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63799","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63786","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49794"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107755","reference_id":"1107755","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107755"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372373","reference_id":"2372373","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372373"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/931","reference_id":"931","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/931"},{"reference_url":"https://security.archlinux.org/AVG-2898","reference_id":"AVG-2898","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2898"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9","reference_id":"cpe:/a:redhat:cert_manager:1.16::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1","reference_id":"cpe:/a:redhat:hummingbird:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9","reference_id":"cpe:/a:redhat:insights_proxy:1.5::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1","reference_id":"cpe:/a:redhat:jboss_core_services:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8","reference_id":"cpe:/a:redhat:openshift:4.12::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9","reference_id":"cpe:/a:redhat:openshift:4.13::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9","reference_id":"cpe:/a:redhat:openshift:4.14::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9","reference_id":"cpe:/a:redhat:openshift:4.17::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9","reference_id":"cpe:/a:redhat:openshift:4.18::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9","reference_id":"cpe:/a:redhat:openshift:4.19::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9","reference_id":"cpe:/a:redhat:openshift:4.20::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_file_integrity_operator:1::el9","reference_id":"cpe:/a:redhat:openshift_file_integrity_operator:1::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_file_integrity_operator:1::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8","reference_id":"cpe:/a:redhat:openshift_serverless:1.36::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9","reference_id":"cpe:/a:redhat:webterminal:1.11::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9","reference_id":"cpe:/a:redhat:webterminal:1.12::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:9.0::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:9.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49794","reference_id":"CVE-2025-49794","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49794"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10630","reference_id":"RHSA-2025:10630","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10698","reference_id":"RHSA-2025:10698","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10699","reference_id":"RHSA-2025:10699","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11580","reference_id":"RHSA-2025:11580","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:11580"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12098","reference_id":"RHSA-2025:12098","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12099","reference_id":"RHSA-2025:12099","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12199","reference_id":"RHSA-2025:12199","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12237","reference_id":"RHSA-2025:12237","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12239","reference_id":"RHSA-2025:12239","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12240","reference_id":"RHSA-2025:12240","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12241","reference_id":"RHSA-2025:12241","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13335","reference_id":"RHSA-2025:13335","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:13335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15397","reference_id":"RHSA-2025:15397","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:15397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15827","reference_id":"RHSA-2025:15827","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:15827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15828","reference_id":"RHSA-2025:15828","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:15828"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18217","reference_id":"RHSA-2025:18217","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:18217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18218","reference_id":"RHSA-2025:18218","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:18218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18219","reference_id":"RHSA-2025:18219","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:18219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18240","reference_id":"RHSA-2025:18240","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:18240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19020","reference_id":"RHSA-2025:19020","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19041","reference_id":"RHSA-2025:19041","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19046","reference_id":"RHSA-2025:19046","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19894","reference_id":"RHSA-2025:19894","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19894"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21913","reference_id":"RHSA-2025:21913","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21913"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7519","reference_id":"RHSA-2026:7519","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-16T15:50:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:7519"},{"reference_url":"https://usn.ubuntu.com/7694-1/","reference_id":"USN-7694-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7694-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2025-49794"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c16x-s3zb-bbef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37897?format=json","vulnerability_id":"VCID-cgmw-k7dg-gbdw","summary":"Vulnerabilities in libxml2 and libxslt\nSeveral vulnerabilities were discovered in the libxml2 and libxslt libraries that this package gem depends on.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1419.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1419.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1819.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1819.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1819","reference_id":"","reference_type":"","scores":[{"value":"0.02045","scoring_system":"epss","scoring_elements":"0.84192","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02045","scoring_system":"epss","scoring_elements":"0.8417","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02045","scoring_system":"epss","scoring_elements":"0.84193","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02045","scoring_system":"epss","scoring_elements":"0.84197","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02045","scoring_system":"epss","scoring_elements":"0.84191","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02045","scoring_system":"epss","scoring_elements":"0.8418","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-1819.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-1819.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/8f3de6d88d0da11fb62a45daa61b85ce71b4af59","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/sparklemotion/nokogiri/commit/8f3de6d88d0da11fb62a45daa61b85ce71b4af59"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1374","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1374"},{"reference_url":"https://github.com/sparklemotion/nokogiri/pull/1376","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/sparklemotion/nokogiri/pull/1376"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1819","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1819"},{"reference_url":"https://security.gentoo.org/glsa/201507-08","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201507-08"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://support.apple.com/HT206166","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206166"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206167"},{"reference_url":"https://support.apple.com/HT206168","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206168"},{"reference_url":"https://support.apple.com/HT206169","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206169"},{"reference_url":"http://www.debian.org/security/2015/dsa-3430","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3430"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.ubuntu.com/usn/USN-2812-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2812-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1211278","reference_id":"1211278","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1211278"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782782","reference_id":"782782","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782782"},{"reference_url":"https://github.com/advisories/GHSA-q7wx-62r7-j2x7","reference_id":"GHSA-q7wx-62r7-j2x7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q7wx-62r7-j2x7"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1419","reference_id":"RHSA-2015:1419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1419"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://usn.ubuntu.com/2812-1/","reference_id":"USN-2812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2812-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-1819","GHSA-q7wx-62r7-j2x7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cgmw-k7dg-gbdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5281?format=json","vulnerability_id":"VCID-ct17-yjud-f3a1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3516.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3516.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3516","reference_id":"","reference_type":"","scores":[{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59807","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59852","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59853","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59833","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59858","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59861","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3516"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954225","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3516"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/230","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/230"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987739","reference_id":"987739","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987739"},{"reference_url":"https://security.archlinux.org/AVG-1883","reference_id":"AVG-1883","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1883"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3516","reference_id":"CVE-2021-3516","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2569","reference_id":"RHSA-2021:2569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1389","reference_id":"RHSA-2022:1389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1390","reference_id":"RHSA-2022:1390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1390"},{"reference_url":"https://usn.ubuntu.com/4991-1/","reference_id":"USN-4991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2021-3516"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ct17-yjud-f3a1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/319637?format=json","vulnerability_id":"VCID-dmdw-gyj9-2ye5","summary":"security update","references":[],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["DSA-2978-1 libxml2"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dmdw-gyj9-2ye5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38116?format=json","vulnerability_id":"VCID-ds9f-6ppp-5fax","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlStrncat function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1834.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1834.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1834","reference_id":"","reference_type":"","scores":[{"value":"0.02308","scoring_system":"epss","scoring_elements":"0.85052","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02308","scoring_system":"epss","scoring_elements":"0.85079","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02308","scoring_system":"epss","scoring_elements":"0.85065","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02308","scoring_system":"epss","scoring_elements":"0.85075","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02308","scoring_system":"epss","scoring_elements":"0.8508","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02308","scoring_system":"epss","scoring_elements":"0.85076","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1035890","reference_id":"1035890","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"http://www.securitytracker.com/id/1035890"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338708","reference_id":"1338708","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338708"},{"reference_url":"http://www.securityfocus.com/bid/90691","reference_id":"90691","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"http://www.securityfocus.com/bid/90691"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1834","reference_id":"CVE-2016-1834","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1834"},{"reference_url":"https://support.apple.com/HT206564","reference_id":"HT206564","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"https://support.apple.com/HT206564"},{"reference_url":"https://support.apple.com/HT206566","reference_id":"HT206566","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"https://support.apple.com/HT206566"},{"reference_url":"https://support.apple.com/HT206567","reference_id":"HT206567","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"https://support.apple.com/HT206567"},{"reference_url":"https://support.apple.com/HT206568","reference_id":"HT206568","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"https://support.apple.com/HT206568"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704","reference_id":"?id=8fbbf5513d609c1770b391b99e33314cd0742704","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170","reference_id":"index?page=content&id=SB10170","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html","reference_id":"msg00002.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"ovmbulletinjul2016-3090546.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html","reference_id":"RHSA-2016-2957.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=763071","reference_id":"show_bug.cgi?id=763071","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T17:15:12Z/"}],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=763071"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-1834"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ds9f-6ppp-5fax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5280?format=json","vulnerability_id":"VCID-e8w6-ax3x-wqan","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3517.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3517.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3517","reference_id":"","reference_type":"","scores":[{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28421","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28493","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28379","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28413","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28452","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28383","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3517"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954232","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":""},{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3517"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3517.yml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3517.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/blob/7c19ef5cc6b7c5c36827dd5495f857c6877ec8cf/CHANGELOG.md?plain=1#L579","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/blob/7c19ef5cc6b7c5c36827dd5495f857c6877ec8cf/CHANGELOG.md?plain=1#L579"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/2233","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/2233"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/2274","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/2274"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/"},{"reference_url":"https://security.gentoo.org/glsa/202107-05","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://security.gentoo.org/glsa/202107-05"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210625-0002","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20210625-0002"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210625-0002/","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210625-0002/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211022-0004","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20211022-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20211022-0004/","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://security.netapp.com/advisory/ntap-20211022-0004/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2022.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987738","reference_id":"987738","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987738"},{"reference_url":"https://security.archlinux.org/AVG-1883","reference_id":"AVG-1883","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1883"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/","reference_id":"BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3517","reference_id":"CVE-2021-3517","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3517"},{"reference_url":"https://github.com/advisories/GHSA-jw9f-hh49-cvp9","reference_id":"GHSA-jw9f-hh49-cvp9","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jw9f-hh49-cvp9"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/","reference_id":"QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:32:30Z/"}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2569","reference_id":"RHSA-2021:2569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1389","reference_id":"RHSA-2022:1389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1390","reference_id":"RHSA-2022:1390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1390"},{"reference_url":"https://usn.ubuntu.com/4991-1/","reference_id":"USN-4991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2021-3517","GHSA-jw9f-hh49-cvp9"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e8w6-ax3x-wqan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37944?format=json","vulnerability_id":"VCID-eb5v-9a7f-xyf2","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7942.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7942.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7942","reference_id":"","reference_type":"","scores":[{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77467","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77494","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77503","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77483","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77505","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1276297","reference_id":"1276297","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1276297"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802827","reference_id":"802827","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802827"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7942","reference_id":"CVE-2015-7942","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2812-1/","reference_id":"USN-2812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2812-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-7942"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eb5v-9a7f-xyf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37978?format=json","vulnerability_id":"VCID-efx2-bpu9-z7a4","summary":"Vulnerabilities in libxml2\nSeveral vulnerabilities were discovered in the libxml2 library that this package gem depends on.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5312.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5312.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5312","reference_id":"","reference_type":"","scores":[{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.7819","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.7816","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.78187","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.78194","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.78184","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.78172","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5312"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1276693","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1276693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-5312.yml","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-5312.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5"},{"reference_url":"https://github.com/sparklemotion/nokogiri/pull/1378","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/sparklemotion/nokogiri/pull/1378"},{"reference_url":"https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://support.apple.com/HT206166","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206166"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206167"},{"reference_url":"https://support.apple.com/HT206168","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206168"},{"reference_url":"https://support.apple.com/HT206169","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206169"},{"reference_url":"http://www.debian.org/security/2015/dsa-3430","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3430"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.ubuntu.com/usn/USN-2834-1","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2834-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5312","reference_id":"CVE-2015-5312","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5312"},{"reference_url":"https://github.com/advisories/GHSA-xjqg-9jvg-fgx2","reference_id":"GHSA-xjqg-9jvg-fgx2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xjqg-9jvg-fgx2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-5312","GHSA-xjqg-9jvg-fgx2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-efx2-bpu9-z7a4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38085?format=json","vulnerability_id":"VCID-egft-crba-6ubx","summary":"Uncontrolled Resource Consumption\ndict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the \"<!DOCTYPE html\" substring in a crafted HTML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8806.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8806.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8806","reference_id":"","reference_type":"","scores":[{"value":"0.08565","scoring_system":"epss","scoring_elements":"0.92558","published_at":"2026-06-06T12:55:00Z"},{"value":"0.08565","scoring_system":"epss","scoring_elements":"0.92562","published_at":"2026-06-05T12:55:00Z"},{"value":"0.08565","scoring_system":"epss","scoring_elements":"0.92549","published_at":"2026-06-04T12:55:00Z"},{"value":"0.08565","scoring_system":"epss","scoring_elements":"0.9257","published_at":"2026-06-09T12:55:00Z"},{"value":"0.08565","scoring_system":"epss","scoring_elements":"0.92551","published_at":"2026-06-08T12:55:00Z"},{"value":"0.08565","scoring_system":"epss","scoring_elements":"0.92553","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8806"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=749115","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=749115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-8806.yml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-8806.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/03d402212707bd5dfa0a21b7de5e91a7f9d90028","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/sparklemotion/nokogiri/commit/03d402212707bd5dfa0a21b7de5e91a7f9d90028"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1473","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1473"},{"reference_url":"https://mail.gnome.org/archives/xml/2016-May/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://mail.gnome.org/archives/xml/2016-May/msg00023.html"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://web.archive.org/web/20160928171015/http://www.securityfocus.com/bid/82071","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20160928171015/http://www.securityfocus.com/bid/82071"},{"reference_url":"https://www.debian.org/security/2016/dsa-3593","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2016/dsa-3593"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/02/03/5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/02/03/5"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"},{"reference_url":"http://www.ubuntu.com/usn/usn-2994-1/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-2994-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-2994-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2994-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1304636","reference_id":"1304636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1304636"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813613","reference_id":"813613","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813613"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8806","reference_id":"CVE-2015-8806","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8806"},{"reference_url":"https://github.com/advisories/GHSA-7hp2-xwpj-95jq","reference_id":"GHSA-7hp2-xwpj-95jq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7hp2-xwpj-95jq"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-8806","GHSA-7hp2-xwpj-95jq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egft-crba-6ubx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38618?format=json","vulnerability_id":"VCID-eh92-k5tc-vyab","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nlibxml2 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9048.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9048.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9048","reference_id":"","reference_type":"","scores":[{"value":"0.00601","scoring_system":"epss","scoring_elements":"0.69868","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00601","scoring_system":"epss","scoring_elements":"0.69918","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00601","scoring_system":"epss","scoring_elements":"0.69908","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00601","scoring_system":"epss","scoring_elements":"0.69916","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00601","scoring_system":"epss","scoring_elements":"0.69906","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00601","scoring_system":"epss","scoring_elements":"0.69895","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452549","reference_id":"1452549","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452549"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863021","reference_id":"863021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863021"},{"reference_url":"http://www.securityfocus.com/bid/98556","reference_id":"98556","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:40:41Z/"}],"url":"http://www.securityfocus.com/bid/98556"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9048","reference_id":"CVE-2017-9048","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9048"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:40:41Z/"}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-18T11:40:41Z/"}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://usn.ubuntu.com/3424-1/","reference_id":"USN-3424-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-1/"},{"reference_url":"https://usn.ubuntu.com/3424-2/","reference_id":"USN-3424-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"}],"aliases":["CVE-2017-9048"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eh92-k5tc-vyab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38015?format=json","vulnerability_id":"VCID-ezzm-sgz4-xbaa","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2073.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2073.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2073","reference_id":"","reference_type":"","scores":[{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81527","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81535","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81525","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81497","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81524","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81519","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301928","reference_id":"1301928","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301928"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812807","reference_id":"812807","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812807"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2073","reference_id":"CVE-2016-2073","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2073"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-2073"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ezzm-sgz4-xbaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38112?format=json","vulnerability_id":"VCID-f8jy-gtg6-x3f2","summary":"Improper Input Validation\nThe (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3705.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3705.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3705","reference_id":"","reference_type":"","scores":[{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75722","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75749","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75746","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75736","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75724","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75748","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1332443","reference_id":"1332443","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1332443"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823414","reference_id":"823414","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823414"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-3705","reference_id":"CVE-2016-3705","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-3705"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-3705"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f8jy-gtg6-x3f2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37980?format=json","vulnerability_id":"VCID-f8q4-hk9r-6be4","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlNextChar function in libxml2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8241.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8241.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8241","reference_id":"","reference_type":"","scores":[{"value":"0.00843","scoring_system":"epss","scoring_elements":"0.75143","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00843","scoring_system":"epss","scoring_elements":"0.75149","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00843","scoring_system":"epss","scoring_elements":"0.7514","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00843","scoring_system":"epss","scoring_elements":"0.75111","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00843","scoring_system":"epss","scoring_elements":"0.75136","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00843","scoring_system":"epss","scoring_elements":"0.75122","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281936","reference_id":"1281936","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281936"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806384","reference_id":"806384","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806384"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8241","reference_id":"CVE-2015-8241","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-8241"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f8q4-hk9r-6be4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4833?format=json","vulnerability_id":"VCID-fda4-67cq-cqg4","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6021.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6021.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6021","reference_id":"","reference_type":"","scores":[{"value":"0.02116","scoring_system":"epss","scoring_elements":"0.84463","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02116","scoring_system":"epss","scoring_elements":"0.84457","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02116","scoring_system":"epss","scoring_elements":"0.8446","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02116","scoring_system":"epss","scoring_elements":"0.84444","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02116","scoring_system":"epss","scoring_elements":"0.84456","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6021"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107720","reference_id":"1107720","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107720"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372406","reference_id":"2372406","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372406"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/926","reference_id":"926","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/926"},{"reference_url":"https://security.archlinux.org/AVG-2899","reference_id":"AVG-2899","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2899"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9","reference_id":"cpe:/a:redhat:discovery:2::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1","reference_id":"cpe:/a:redhat:hummingbird:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9","reference_id":"cpe:/a:redhat:insights_proxy:1.5::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1","reference_id":"cpe:/a:redhat:jboss_core_services:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8","reference_id":"cpe:/a:redhat:openshift:4.12::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9","reference_id":"cpe:/a:redhat:openshift:4.13::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8","reference_id":"cpe:/a:redhat:openshift:4.14::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9","reference_id":"cpe:/a:redhat:openshift:4.14::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9","reference_id":"cpe:/a:redhat:openshift:4.15::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9","reference_id":"cpe:/a:redhat:openshift:4.16::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9","reference_id":"cpe:/a:redhat:openshift:4.17::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9","reference_id":"cpe:/a:redhat:openshift:4.18::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9","reference_id":"cpe:/a:redhat:openshift:4.19::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:9.0::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:9.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-6021","reference_id":"CVE-2025-6021","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-6021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10630","reference_id":"RHSA-2025:10630","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10698","reference_id":"RHSA-2025:10698","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10699","reference_id":"RHSA-2025:10699","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11580","reference_id":"RHSA-2025:11580","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:11580"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11673","reference_id":"RHSA-2025:11673","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:11673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12098","reference_id":"RHSA-2025:12098","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12099","reference_id":"RHSA-2025:12099","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12199","reference_id":"RHSA-2025:12199","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12237","reference_id":"RHSA-2025:12237","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12239","reference_id":"RHSA-2025:12239","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12240","reference_id":"RHSA-2025:12240","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12241","reference_id":"RHSA-2025:12241","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13267","reference_id":"RHSA-2025:13267","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13289","reference_id":"RHSA-2025:13289","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:13289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13325","reference_id":"RHSA-2025:13325","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:13325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13335","reference_id":"RHSA-2025:13335","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:13335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13336","reference_id":"RHSA-2025:13336","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:13336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14059","reference_id":"RHSA-2025:14059","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:14059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14396","reference_id":"RHSA-2025:14396","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:14396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15308","reference_id":"RHSA-2025:15308","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:15308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15672","reference_id":"RHSA-2025:15672","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:15672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19020","reference_id":"RHSA-2025:19020","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7519","reference_id":"RHSA-2026:7519","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-03T14:41:19Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:7519"},{"reference_url":"https://usn.ubuntu.com/7694-1/","reference_id":"USN-7694-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7694-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2025-6021"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fda4-67cq-cqg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37972?format=json","vulnerability_id":"VCID-fn1n-adz5-5fcy","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlGROW function in parser.c in libxml2 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7499.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7499.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7499","reference_id":"","reference_type":"","scores":[{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72761","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.7272","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72758","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72767","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72749","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72736","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7499"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281925","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281925"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da"},{"reference_url":"https://github.com/advisories/GHSA-jxjr-5h69-qw3w","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jxjr-5h69-qw3w"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-7499.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-7499.yml"},{"reference_url":"https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://web.archive.org/web/20210724022841/http://www.securityfocus.com/bid/79509","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210724022841/http://www.securityfocus.com/bid/79509"},{"reference_url":"https://web.archive.org/web/20211205133229/https://securitytracker.com/id/1034243","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20211205133229/https://securitytracker.com/id/1034243"},{"reference_url":"http://www.debian.org/security/2015/dsa-3430","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3430"},{"reference_url":"http://www.ubuntu.com/usn/USN-2834-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2834-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7499","reference_id":"CVE-2015-7499","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"},{"reference_url":"https://usn.ubuntu.com/2875-1/","reference_id":"USN-2875-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2875-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-7499","GHSA-jxjr-5h69-qw3w"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fn1n-adz5-5fcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39421?format=json","vulnerability_id":"VCID-frer-xevm-x7f7","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nBuffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7376.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7376.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7376","reference_id":"","reference_type":"","scores":[{"value":"0.38332","scoring_system":"epss","scoring_elements":"0.97323","published_at":"2026-06-09T12:55:00Z"},{"value":"0.38332","scoring_system":"epss","scoring_elements":"0.97316","published_at":"2026-06-04T12:55:00Z"},{"value":"0.38332","scoring_system":"epss","scoring_elements":"0.9732","published_at":"2026-06-05T12:55:00Z"},{"value":"0.38332","scoring_system":"epss","scoring_elements":"0.97322","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1462216","reference_id":"1462216","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1462216"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870865","reference_id":"870865","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870865"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7376","reference_id":"CVE-2017-7376","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7376"},{"reference_url":"https://usn.ubuntu.com/3424-1/","reference_id":"USN-3424-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-1/"},{"reference_url":"https://usn.ubuntu.com/3424-2/","reference_id":"USN-3424-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"}],"aliases":["CVE-2017-7376"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-frer-xevm-x7f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37398?format=json","vulnerability_id":"VCID-fynm-ftmy-47eg","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nlibxml2, as used in Google Chrome, Apple Safari, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4008.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4008.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4008","reference_id":"","reference_type":"","scores":[{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.7363","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73667","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73671","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73658","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73643","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00756","scoring_system":"epss","scoring_elements":"0.73669","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4008"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602609","reference_id":"602609","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602609"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=645341","reference_id":"645341","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=645341"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4008","reference_id":"CVE-2010-4008","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4008"},{"reference_url":"https://security.gentoo.org/glsa/201110-26","reference_id":"GLSA-201110-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1749","reference_id":"RHSA-2011:1749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0017","reference_id":"RHSA-2012:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0217","reference_id":"RHSA-2013:0217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0217"},{"reference_url":"https://usn.ubuntu.com/1016-1/","reference_id":"USN-1016-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1016-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4596?format=json","purl":"pkg:deb/debian/libxml2@2.7.8.dfsg-2%2Bsqueeze8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2rbs-7dzf-wffv"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5rs7-d9hu-rke7"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-7qqd-ze42-ayab"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-b2jx-djjd-rbdx"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-bqh3-eze3-3qbv"},{"vulnerability":"VCID-brg4-2x5t-akac"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-dmdw-gyj9-2ye5"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jgtz-3gkg-dkbu"},{"vulnerability":"VCID-jn88-q5mn-37gz"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kmvz-pynk-p7fn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-p8us-th5q-yuey"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rzc3-s4fv-7fhp"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-v22x-mq8p-8qc7"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-xxpz-ak6z-5ufn"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-2%252Bsqueeze8"}],"aliases":["CVE-2010-4008"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fynm-ftmy-47eg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4944?format=json","vulnerability_id":"VCID-gfk4-86ze-3bdx","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29824.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29824.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29824","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22549","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22529","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22572","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22524","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22632","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22617","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c283d83eccd940bcde15634ac8c7f100e3caefd"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.9.14"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/-/tags","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.gnome.org/GNOME/libxslt/-/tags"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010526","reference_id":"1010526","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010526"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082158","reference_id":"2082158","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2082158"},{"reference_url":"https://security.archlinux.org/AVG-2726","reference_id":"AVG-2726","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2726"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29824","reference_id":"CVE-2022-29824","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-29824"},{"reference_url":"https://security.gentoo.org/glsa/202210-03","reference_id":"GLSA-202210-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5250","reference_id":"RHSA-2022:5250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5317","reference_id":"RHSA-2022:5317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://usn.ubuntu.com/5422-1/","reference_id":"USN-5422-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5422-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"},{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2022-29824"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gfk4-86ze-3bdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39554?format=json","vulnerability_id":"VCID-j98t-paam-97ec","summary":"Allocation of Resources Without Limits or Throttling\nThe xz_head function in xzlib.c in libxml2 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18258.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18258.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18258","reference_id":"","reference_type":"","scores":[{"value":"0.00898","scoring_system":"epss","scoring_elements":"0.7605","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00898","scoring_system":"epss","scoring_elements":"0.76025","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00898","scoring_system":"epss","scoring_elements":"0.76045","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00898","scoring_system":"epss","scoring_elements":"0.76038","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00898","scoring_system":"epss","scoring_elements":"0.7602","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18258"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18258"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-18258.yml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-18258.yml"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10284","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10284"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190719-0001","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190719-0001"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190719-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190719-0001/"},{"reference_url":"https://usn.ubuntu.com/3739-1","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/3739-1"},{"reference_url":"https://usn.ubuntu.com/3739-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3739-1/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566749","reference_id":"1566749","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566749"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895245","reference_id":"895245","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895245"},{"reference_url":"https://security.archlinux.org/AVG-671","reference_id":"AVG-671","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-671"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-18258","reference_id":"CVE-2017-18258","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-18258"},{"reference_url":"https://github.com/advisories/GHSA-882p-jqgm-f45g","reference_id":"GHSA-882p-jqgm-f45g","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-882p-jqgm-f45g"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1190","reference_id":"RHSA-2020:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1190"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2017-18258","GHSA-882p-jqgm-f45g"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j98t-paam-97ec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77990?format=json","vulnerability_id":"VCID-jgtz-3gkg-dkbu","summary":"Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3919.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3919","reference_id":"","reference_type":"","scores":[{"value":"0.03188","scoring_system":"epss","scoring_elements":"0.87212","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03188","scoring_system":"epss","scoring_elements":"0.87235","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03188","scoring_system":"epss","scoring_elements":"0.87232","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03188","scoring_system":"epss","scoring_elements":"0.8723","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03188","scoring_system":"epss","scoring_elements":"0.87226","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03188","scoring_system":"epss","scoring_elements":"0.87238","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3919"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656377","reference_id":"656377","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=656377"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=771896","reference_id":"771896","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=771896"},{"reference_url":"https://security.gentoo.org/glsa/201202-09","reference_id":"GLSA-201202-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201202-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0016","reference_id":"RHSA-2012:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0017","reference_id":"RHSA-2012:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0018","reference_id":"RHSA-2012:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0104","reference_id":"RHSA-2012:0104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0104"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0217","reference_id":"RHSA-2013:0217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0217"},{"reference_url":"https://usn.ubuntu.com/1334-1/","reference_id":"USN-1334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1334-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["CVE-2011-3919"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jgtz-3gkg-dkbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37415?format=json","vulnerability_id":"VCID-jn88-q5mn-37gz","summary":"Integer Overflow\nInteger overflow in xpath.c in libxml2, and libxml, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1944.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1944.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1944","reference_id":"","reference_type":"","scores":[{"value":"0.23686","scoring_system":"epss","scoring_elements":"0.96094","published_at":"2026-06-04T12:55:00Z"},{"value":"0.23686","scoring_system":"epss","scoring_elements":"0.96099","published_at":"2026-06-05T12:55:00Z"},{"value":"0.23686","scoring_system":"epss","scoring_elements":"0.96102","published_at":"2026-06-06T12:55:00Z"},{"value":"0.23686","scoring_system":"epss","scoring_elements":"0.96103","published_at":"2026-06-08T12:55:00Z"},{"value":"0.23686","scoring_system":"epss","scoring_elements":"0.96108","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1944"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628537","reference_id":"628537","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628537"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=709747","reference_id":"709747","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=709747"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1944","reference_id":"CVE-2011-1944","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1944"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35810.txt","reference_id":"CVE-2011-1944;OSVDB-73248","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35810.txt"},{"reference_url":"https://www.securityfocus.com/bid/48056/info","reference_id":"CVE-2011-1944;OSVDB-73248","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/48056/info"},{"reference_url":"https://security.gentoo.org/glsa/201110-26","reference_id":"GLSA-201110-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1749","reference_id":"RHSA-2011:1749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0017","reference_id":"RHSA-2012:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0217","reference_id":"RHSA-2013:0217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0217"},{"reference_url":"https://usn.ubuntu.com/1153-1/","reference_id":"USN-1153-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1153-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["CVE-2011-1944"],"risk_score":0.4,"exploitability":"2.0","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jn88-q5mn-37gz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38622?format=json","vulnerability_id":"VCID-jtkn-83hh-x3et","summary":"Out-of-bounds Read\nlibxml2 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9050.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9050.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9050","reference_id":"","reference_type":"","scores":[{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54815","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54795","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54814","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54821","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54753","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54811","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9050"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1673","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1673"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://security.gentoo.org/glsa/201711-01","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/"}],"url":"https://security.gentoo.org/glsa/201711-01"},{"reference_url":"http://www.debian.org/security/2017/dsa-3952","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/"}],"url":"http://www.debian.org/security/2017/dsa-3952"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/05/15/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2017/05/15/1"},{"reference_url":"http://www.securityfocus.com/bid/98568","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/"}],"url":"http://www.securityfocus.com/bid/98568"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452553","reference_id":"1452553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452553"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863018","reference_id":"863018","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863018"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9050","reference_id":"CVE-2017-9050","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9050"},{"reference_url":"https://github.com/advisories/GHSA-8c56-cpmw-89x7","reference_id":"GHSA-8c56-cpmw-89x7","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8c56-cpmw-89x7"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/"}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T22:10:54Z/"}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://usn.ubuntu.com/3424-1/","reference_id":"USN-3424-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-1/"},{"reference_url":"https://usn.ubuntu.com/3424-2/","reference_id":"USN-3424-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"}],"aliases":["CVE-2017-9050","GHSA-8c56-cpmw-89x7"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jtkn-83hh-x3et"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78006?format=json","vulnerability_id":"VCID-jwft-4pxx-5ydg","summary":"libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24928.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24928.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24928","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46517","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46552","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46532","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46506","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24928"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098321","reference_id":"1098321","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098321"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346421","reference_id":"2346421","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346421"},{"reference_url":"https://issues.oss-fuzz.com/issues/392687022","reference_id":"392687022","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T03:55:31Z/"}],"url":"https://issues.oss-fuzz.com/issues/392687022"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/847","reference_id":"847","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T03:55:31Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2482","reference_id":"RHSA-2025:2482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2482"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2483","reference_id":"RHSA-2025:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2507","reference_id":"RHSA-2025:2507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2513","reference_id":"RHSA-2025:2513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2654","reference_id":"RHSA-2025:2654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2660","reference_id":"RHSA-2025:2660","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2660"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2673","reference_id":"RHSA-2025:2673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2678","reference_id":"RHSA-2025:2678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2679","reference_id":"RHSA-2025:2679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2679"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2686","reference_id":"RHSA-2025:2686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2789","reference_id":"RHSA-2025:2789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3055","reference_id":"RHSA-2025:3055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3297","reference_id":"RHSA-2025:3297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3368","reference_id":"RHSA-2025:3368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3397","reference_id":"RHSA-2025:3397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3453","reference_id":"RHSA-2025:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3453"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3569","reference_id":"RHSA-2025:3569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3775","reference_id":"RHSA-2025:3775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3780","reference_id":"RHSA-2025:3780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3867","reference_id":"RHSA-2025:3867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4005","reference_id":"RHSA-2025:4005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9895","reference_id":"RHSA-2025:9895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9895"},{"reference_url":"https://usn.ubuntu.com/7302-1/","reference_id":"USN-7302-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7302-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2025-24928"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jwft-4pxx-5ydg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51498?format=json","vulnerability_id":"VCID-jxz3-ug52-cuhn","summary":"libxml2 2.9.10 has an infinite loop in a certain end-of-file situation\nNokogiri has backported the patch for CVE-2020-7595 into its vendored version\nof libxml2, and released this as v1.10.8\n\nCVE-2020-7595 has not yet been addressed in an upstream libxml2 release, and\nso Nokogiri versions <= v1.10.7 are vulnerable.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7595.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7595.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-7595","reference_id":"","reference_type":"","scores":[{"value":"0.00476","scoring_system":"epss","scoring_elements":"0.65296","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00476","scoring_system":"epss","scoring_elements":"0.65285","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00476","scoring_system":"epss","scoring_elements":"0.65244","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00476","scoring_system":"epss","scoring_elements":"0.65292","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00476","scoring_system":"epss","scoring_elements":"0.65273","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00476","scoring_system":"epss","scoring_elements":"0.65284","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-7595"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7595"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2020-7595.yml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2020-7595.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1992","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1992"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/"},{"reference_url":"https://security.gentoo.org/glsa/202010-04","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://security.gentoo.org/glsa/202010-04"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200702-0005","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20200702-0005"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200702-0005/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://security.netapp.com/advisory/ntap-20200702-0005/"},{"reference_url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08"},{"reference_url":"https://usn.ubuntu.com/4274-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4274-1"},{"reference_url":"https://usn.ubuntu.com/4274-1/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://usn.ubuntu.com/4274-1/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2020.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1799786","reference_id":"1799786","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1799786"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/","reference_id":"545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/","reference_id":"5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949582","reference_id":"949582","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949582"},{"reference_url":"https://security.archlinux.org/ASA-202011-15","reference_id":"ASA-202011-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202011-15"},{"reference_url":"https://security.archlinux.org/AVG-1263","reference_id":"AVG-1263","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1263"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-7595","reference_id":"CVE-2020-7595","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-7595"},{"reference_url":"https://github.com/advisories/GHSA-7553-jr98-vx47","reference_id":"GHSA-7553-jr98-vx47","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7553-jr98-vx47"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/","reference_id":"JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-03T15:33:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2644","reference_id":"RHSA-2020:2644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2646","reference_id":"RHSA-2020:2646","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2646"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3996","reference_id":"RHSA-2020:3996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4479","reference_id":"RHSA-2020:4479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0949","reference_id":"RHSA-2021:0949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0949"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2020-7595","GHSA-7553-jr98-vx47"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxz3-ug52-cuhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77975?format=json","vulnerability_id":"VCID-kb3k-r616-6fht","summary":"Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4225.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4225.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4225","reference_id":"","reference_type":"","scores":[{"value":"0.04915","scoring_system":"epss","scoring_elements":"0.89787","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04915","scoring_system":"epss","scoring_elements":"0.89803","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04915","scoring_system":"epss","scoring_elements":"0.89805","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04915","scoring_system":"epss","scoring_elements":"0.89818","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4225"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=470480","reference_id":"470480","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=470480"},{"reference_url":"https://security.gentoo.org/glsa/200812-06","reference_id":"GLSA-200812-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0988","reference_id":"RHSA-2008:0988","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0988"},{"reference_url":"https://usn.ubuntu.com/673-1/","reference_id":"USN-673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/673-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4595?format=json","purl":"pkg:deb/debian/libxml2@2.6.32.dfsg-5%2Blenny5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2rbs-7dzf-wffv"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5rs7-d9hu-rke7"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-7qqd-ze42-ayab"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-b2jx-djjd-rbdx"},{"vulnerability":"VCID-b37v-a8em-gkfr"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-bqh3-eze3-3qbv"},{"vulnerability":"VCID-brg4-2x5t-akac"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-dmdw-gyj9-2ye5"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-fynm-ftmy-47eg"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jgtz-3gkg-dkbu"},{"vulnerability":"VCID-jn88-q5mn-37gz"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kmvz-pynk-p7fn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-p8us-th5q-yuey"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rzc3-s4fv-7fhp"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-uqus-6prc-w7dh"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-v22x-mq8p-8qc7"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-xse1-pmep-nqdc"},{"vulnerability":"VCID-xxpz-ak6z-5ufn"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.32.dfsg-5%252Blenny5"}],"aliases":["CVE-2008-4225"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kb3k-r616-6fht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38119?format=json","vulnerability_id":"VCID-kg69-mhxs-tkcx","summary":"Out-of-bounds Read\nThe xmlDictAddString function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1839.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1839.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1839","reference_id":"","reference_type":"","scores":[{"value":"0.04546","scoring_system":"epss","scoring_elements":"0.89369","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04546","scoring_system":"epss","scoring_elements":"0.89388","published_at":"2026-06-05T12:55:00Z"},{"value":"0.04546","scoring_system":"epss","scoring_elements":"0.89387","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04546","scoring_system":"epss","scoring_elements":"0.89386","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04546","scoring_system":"epss","scoring_elements":"0.89404","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338703","reference_id":"1338703","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338703"},{"reference_url":"https://code.google.com/p/google-security-research/issues/detail?id=637","reference_id":"CVE-2016-1839","reference_type":"exploit","scores":[],"url":"https://code.google.com/p/google-security-research/issues/detail?id=637"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39491.txt","reference_id":"CVE-2016-1839","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39491.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1839","reference_id":"CVE-2016-1839","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-1839"],"risk_score":6.4,"exploitability":"2.0","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kg69-mhxs-tkcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77973?format=json","vulnerability_id":"VCID-kg71-czqe-v7g5","summary":"Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3529.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3529.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3529","reference_id":"","reference_type":"","scores":[{"value":"0.56626","scoring_system":"epss","scoring_elements":"0.98161","published_at":"2026-06-04T12:55:00Z"},{"value":"0.56626","scoring_system":"epss","scoring_elements":"0.98163","published_at":"2026-06-08T12:55:00Z"},{"value":"0.56626","scoring_system":"epss","scoring_elements":"0.98162","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-3529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=461015","reference_id":"461015","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=461015"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498768","reference_id":"498768","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498768"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/8798.rb","reference_id":"CVE-2008-3529;OSVDB-48158","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/8798.rb"},{"reference_url":"https://security.gentoo.org/glsa/200812-06","reference_id":"GLSA-200812-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0884","reference_id":"RHSA-2008:0884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0886","reference_id":"RHSA-2008:0886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0886"},{"reference_url":"https://usn.ubuntu.com/644-1/","reference_id":"USN-644-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/644-1/"},{"reference_url":"https://usn.ubuntu.com/815-1/","reference_id":"USN-815-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/815-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4595?format=json","purl":"pkg:deb/debian/libxml2@2.6.32.dfsg-5%2Blenny5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2rbs-7dzf-wffv"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5rs7-d9hu-rke7"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-7qqd-ze42-ayab"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-b2jx-djjd-rbdx"},{"vulnerability":"VCID-b37v-a8em-gkfr"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-bqh3-eze3-3qbv"},{"vulnerability":"VCID-brg4-2x5t-akac"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-dmdw-gyj9-2ye5"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-fynm-ftmy-47eg"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jgtz-3gkg-dkbu"},{"vulnerability":"VCID-jn88-q5mn-37gz"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kmvz-pynk-p7fn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-p8us-th5q-yuey"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rzc3-s4fv-7fhp"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-uqus-6prc-w7dh"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-v22x-mq8p-8qc7"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-xse1-pmep-nqdc"},{"vulnerability":"VCID-xxpz-ak6z-5ufn"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.32.dfsg-5%252Blenny5"}],"aliases":["CVE-2008-3529"],"risk_score":1.0,"exploitability":"2.0","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kg71-czqe-v7g5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37536?format=json","vulnerability_id":"VCID-kmvz-pynk-p7fn","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nlibxml2 allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka \"internal entity expansion\" with linear complexity.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0338.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0338.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0338","reference_id":"","reference_type":"","scores":[{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71779","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71818","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71825","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71801","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71787","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.7181","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0338"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0338"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702260","reference_id":"702260","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702260"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=912400","reference_id":"912400","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=912400"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0338","reference_id":"CVE-2013-0338","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0338"},{"reference_url":"https://security.gentoo.org/glsa/201311-06","reference_id":"GLSA-201311-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-06"},{"reference_url":"https://security.gentoo.org/glsa/201412-11","reference_id":"GLSA-201412-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0581","reference_id":"RHSA-2013:0581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0581"},{"reference_url":"https://usn.ubuntu.com/1782-1/","reference_id":"USN-1782-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1782-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["CVE-2013-0338"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kmvz-pynk-p7fn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45037?format=json","vulnerability_id":"VCID-kvkp-bve3-bqh7","summary":"Double Free\nAn issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\\0' value).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29469.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29469.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29469","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36117","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44684","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44723","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44701","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.4467","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29469"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28484"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29469"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/510","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:02:27Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/510"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:02:27Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:02:27Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/04/msg00031.html"},{"reference_url":"https://nokogiri.org/CHANGELOG.html#1143-2023-04-11","reference_id":"","reference_type":"","scores":[],"url":"https://nokogiri.org/CHANGELOG.html#1143-2023-04-11"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034437","reference_id":"1034437","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034437"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2185984","reference_id":"2185984","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2185984"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-29469","reference_id":"CVE-2023-29469","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-29469"},{"reference_url":"https://security.gentoo.org/glsa/202402-11","reference_id":"GLSA-202402-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-11"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230601-0006/","reference_id":"ntap-20230601-0006","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-04T21:02:27Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230601-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4349","reference_id":"RHSA-2023:4349","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4529","reference_id":"RHSA-2023:4529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4628","reference_id":"RHSA-2023:4628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0413","reference_id":"RHSA-2024:0413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0413"},{"reference_url":"https://usn.ubuntu.com/6028-1/","reference_id":"USN-6028-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6028-1/"},{"reference_url":"https://usn.ubuntu.com/6028-2/","reference_id":"USN-6028-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6028-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2023-29469"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kvkp-bve3-bqh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4779?format=json","vulnerability_id":"VCID-m8d1-5qex-huf8","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5131.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5131.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5131","reference_id":"","reference_type":"","scores":[{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.88165","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.88144","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.88168","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.88183","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.88169","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1707"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1709","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1709"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5132","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5132"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5133","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5133"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5134","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5134"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5136","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5136"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5137"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1036428","reference_id":"1036428","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://www.securitytracker.com/id/1036428"},{"reference_url":"http://www.securitytracker.com/id/1038623","reference_id":"1038623","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://www.securitytracker.com/id/1038623"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1358641","reference_id":"1358641","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1358641"},{"reference_url":"https://source.android.com/security/bulletin/2017-05-01","reference_id":"2017-05-01","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://source.android.com/security/bulletin/2017-05-01"},{"reference_url":"https://codereview.chromium.org/2127493002","reference_id":"2127493002","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://codereview.chromium.org/2127493002"},{"reference_url":"https://crbug.com/623378","reference_id":"623378","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://crbug.com/623378"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840554","reference_id":"840554","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840554"},{"reference_url":"http://www.securityfocus.com/bid/92053","reference_id":"92053","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://www.securityfocus.com/bid/92053"},{"reference_url":"https://security.archlinux.org/ASA-201611-2","reference_id":"ASA-201611-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-2"},{"reference_url":"https://security.archlinux.org/AVG-56","reference_id":"AVG-56","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-56"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5131","reference_id":"CVE-2016-5131","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5131"},{"reference_url":"http://www.debian.org/security/2016/dsa-3637","reference_id":"dsa-3637","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://www.debian.org/security/2016/dsa-3637"},{"reference_url":"https://security.gentoo.org/glsa/201610-09","reference_id":"GLSA-201610-09","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://security.gentoo.org/glsa/201610-09"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html","reference_id":"msg00028.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1485","reference_id":"RHSA-2016:1485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1485"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1485.html","reference_id":"RHSA-2016-1485.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2016-1485.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1190","reference_id":"RHSA-2020:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1190"},{"reference_url":"http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html","reference_id":"stable-channel-update.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html"},{"reference_url":"https://usn.ubuntu.com/3041-1/","reference_id":"USN-3041-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3041-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-3041-1","reference_id":"USN-3041-1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://www.ubuntu.com/usn/USN-3041-1"},{"reference_url":"https://usn.ubuntu.com/3235-1/","reference_id":"USN-3235-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3235-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-5131"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m8d1-5qex-huf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39177?format=json","vulnerability_id":"VCID-m91c-mfu9-bbbh","summary":"Loop with Unreachable Exit Condition ('Infinite Loop')\nparser.c in libxml2 does not prevent infinite recursion in parameter entities.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16932.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16932.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16932","reference_id":"","reference_type":"","scores":[{"value":"0.21755","scoring_system":"epss","scoring_elements":"0.95862","published_at":"2026-06-09T12:55:00Z"},{"value":"0.21755","scoring_system":"epss","scoring_elements":"0.95857","published_at":"2026-06-08T12:55:00Z"},{"value":"0.21755","scoring_system":"epss","scoring_elements":"0.95853","published_at":"2026-06-05T12:55:00Z"},{"value":"0.21755","scoring_system":"epss","scoring_elements":"0.95849","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16932"},{"reference_url":"https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/"}],"url":"https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=759579","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/"}],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=759579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/"}],"url":"https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-16932.yml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-16932.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1714","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1714"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/"}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/"}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html"},{"reference_url":"https://usn.ubuntu.com/3739-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/3739-1"},{"reference_url":"https://usn.ubuntu.com/3739-1/","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/"}],"url":"https://usn.ubuntu.com/3739-1/"},{"reference_url":"https://usn.ubuntu.com/usn/usn-3504-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/usn/usn-3504-1/"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/"}],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1517316","reference_id":"1517316","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1517316"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882613","reference_id":"882613","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882613"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961","reference_id":"899a5d9f0ed13b8e32449a08a361e0de127dd961","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T13:30:08Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16932","reference_id":"CVE-2017-16932","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16932"},{"reference_url":"https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html","reference_id":"CVE-2017-16932.HTML","reference_type":"","scores":[],"url":"https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-16932.html"},{"reference_url":"https://github.com/advisories/GHSA-x2fm-93ww-ggvx","reference_id":"GHSA-x2fm-93ww-ggvx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x2fm-93ww-ggvx"},{"reference_url":"https://usn.ubuntu.com/3504-1/","reference_id":"USN-3504-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3504-1/"},{"reference_url":"https://usn.ubuntu.com/3504-2/","reference_id":"USN-3504-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3504-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2017-16932","GHSA-x2fm-93ww-ggvx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m91c-mfu9-bbbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77998?format=json","vulnerability_id":"VCID-msku-25sz-rbeg","summary":"A remote code execution vulnerability in libxml2 could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37104170.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0663.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0663.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-0663","reference_id":"","reference_type":"","scores":[{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75948","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75976","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75965","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75951","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75974","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00893","scoring_system":"epss","scoring_elements":"0.75973","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-0663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1462225","reference_id":"1462225","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1462225"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870870","reference_id":"870870","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870870"},{"reference_url":"https://usn.ubuntu.com/3424-1/","reference_id":"USN-3424-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-1/"},{"reference_url":"https://usn.ubuntu.com/3424-2/","reference_id":"USN-3424-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"}],"aliases":["CVE-2017-0663"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-msku-25sz-rbeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37768?format=json","vulnerability_id":"VCID-ne9k-m48b-13cu","summary":"Uncontrolled Resource Consumption\nparser.c in libxml2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the \"billion laughs\" attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3660.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3660.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3660","reference_id":"","reference_type":"","scores":[{"value":"0.03894","scoring_system":"epss","scoring_elements":"0.88476","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03894","scoring_system":"epss","scoring_elements":"0.88494","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03894","scoring_system":"epss","scoring_elements":"0.88496","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03894","scoring_system":"epss","scoring_elements":"0.88495","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03894","scoring_system":"epss","scoring_elements":"0.88511","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3660"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1149084","reference_id":"1149084","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1149084"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765722","reference_id":"765722","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765722"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3660","reference_id":"CVE-2014-3660","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3660"},{"reference_url":"https://security.gentoo.org/glsa/201412-06","reference_id":"GLSA-201412-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1655","reference_id":"RHSA-2014:1655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1885","reference_id":"RHSA-2014:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1885"},{"reference_url":"https://usn.ubuntu.com/2389-1/","reference_id":"USN-2389-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2389-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2014-3660"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ne9k-m48b-13cu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77983?format=json","vulnerability_id":"VCID-p8us-th5q-yuey","summary":"Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2821.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2821.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2821","reference_id":"","reference_type":"","scores":[{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83642","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83666","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83663","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83655","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01915","scoring_system":"epss","scoring_elements":"0.83669","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2821"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2821"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643648","reference_id":"643648","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643648"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=735712","reference_id":"735712","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=735712"},{"reference_url":"https://security.gentoo.org/glsa/201110-26","reference_id":"GLSA-201110-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1749","reference_id":"RHSA-2011:1749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0217","reference_id":"RHSA-2013:0217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0217"},{"reference_url":"https://usn.ubuntu.com/1334-1/","reference_id":"USN-1334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1334-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["CVE-2011-2821"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p8us-th5q-yuey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78003?format=json","vulnerability_id":"VCID-pdus-4wua-fucn","summary":"An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34459.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34459.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34459","reference_id":"","reference_type":"","scores":[{"value":"0.04197","scoring_system":"epss","scoring_elements":"0.88953","published_at":"2026-06-09T12:55:00Z"},{"value":"0.04197","scoring_system":"epss","scoring_elements":"0.88937","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04197","scoring_system":"epss","scoring_elements":"0.88936","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34459"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071162","reference_id":"1071162","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071162"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280532","reference_id":"2280532","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280532"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/","reference_id":"5HVUXKYTBWT3G5DEEQX62STJQBY367NL","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/","reference_id":"INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/"},{"reference_url":"https://usn.ubuntu.com/7240-1/","reference_id":"USN-7240-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7240-1/"},{"reference_url":"https://usn.ubuntu.com/7302-1/","reference_id":"USN-7302-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7302-1/"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8","reference_id":"v2.11.8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7","reference_id":"v2.12.7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/","reference_id":"VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2024-34459"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pdus-4wua-fucn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37973?format=json","vulnerability_id":"VCID-pgfh-4snq-pbe6","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8242.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8242.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8242","reference_id":"","reference_type":"","scores":[{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.77028","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.77027","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.77019","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.76986","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.77016","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.77005","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8242"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281950","reference_id":"1281950","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281950"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805146","reference_id":"805146","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805146"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8242","reference_id":"CVE-2015-8242","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-8242"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pgfh-4snq-pbe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38113?format=json","vulnerability_id":"VCID-q1rm-fyhj-kbfu","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1840.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1840.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1840","reference_id":"","reference_type":"","scores":[{"value":"0.01589","scoring_system":"epss","scoring_elements":"0.81964","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01589","scoring_system":"epss","scoring_elements":"0.81998","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01589","scoring_system":"epss","scoring_elements":"0.81999","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01589","scoring_system":"epss","scoring_elements":"0.82","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01589","scoring_system":"epss","scoring_elements":"0.81993","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01589","scoring_system":"epss","scoring_elements":"0.82008","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338706","reference_id":"1338706","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338706"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1840","reference_id":"CVE-2016-1840","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-1840"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q1rm-fyhj-kbfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38137?format=json","vulnerability_id":"VCID-q736-5feg-q3h2","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseElementDecl function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4447.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4447.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4447","reference_id":"","reference_type":"","scores":[{"value":"0.02658","scoring_system":"epss","scoring_elements":"0.86086","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02658","scoring_system":"epss","scoring_elements":"0.86083","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02658","scoring_system":"epss","scoring_elements":"0.86082","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02658","scoring_system":"epss","scoring_elements":"0.86061","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02658","scoring_system":"epss","scoring_elements":"0.86081","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02658","scoring_system":"epss","scoring_elements":"0.8607","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338686","reference_id":"1338686","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338686"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4447","reference_id":"CVE-2016-4447","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-4447"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q736-5feg-q3h2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78000?format=json","vulnerability_id":"VCID-qa31-1xtw-ybdg","summary":"An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40303.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40303.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40303","reference_id":"","reference_type":"","scores":[{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45889","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45926","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45957","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45961","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.4594","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45914","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40304"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3"},{"reference_url":"https://nokogiri.org/CHANGELOG.html#1139-2022-10-18","reference_id":"","reference_type":"","scores":[],"url":"https://nokogiri.org/CHANGELOG.html#1139-2022-10-18"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022224","reference_id":"1022224","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022224"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Dec/21","reference_id":"21","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Dec/21"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2136266","reference_id":"2136266","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2136266"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Dec/24","reference_id":"24","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Dec/24"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Dec/25","reference_id":"25","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Dec/25"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Dec/26","reference_id":"26","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Dec/26"},{"reference_url":"http://seclists.org/fulldisclosure/2022/Dec/27","reference_id":"27","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"http://seclists.org/fulldisclosure/2022/Dec/27"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40303","reference_id":"CVE-2022-40303","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40303"},{"reference_url":"https://security.gentoo.org/glsa/202210-39","reference_id":"GLSA-202210-39","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-39"},{"reference_url":"https://support.apple.com/kb/HT213531","reference_id":"HT213531","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"https://support.apple.com/kb/HT213531"},{"reference_url":"https://support.apple.com/kb/HT213533","reference_id":"HT213533","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"https://support.apple.com/kb/HT213533"},{"reference_url":"https://support.apple.com/kb/HT213534","reference_id":"HT213534","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"https://support.apple.com/kb/HT213534"},{"reference_url":"https://support.apple.com/kb/HT213535","reference_id":"HT213535","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"https://support.apple.com/kb/HT213535"},{"reference_url":"https://support.apple.com/kb/HT213536","reference_id":"HT213536","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"https://support.apple.com/kb/HT213536"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221209-0003/","reference_id":"ntap-20221209-0003","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-29T04:23:26Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221209-0003/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8841","reference_id":"RHSA-2022:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0173","reference_id":"RHSA-2023:0173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0338","reference_id":"RHSA-2023:0338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0413","reference_id":"RHSA-2024:0413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0413"},{"reference_url":"https://usn.ubuntu.com/5760-1/","reference_id":"USN-5760-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5760-1/"},{"reference_url":"https://usn.ubuntu.com/5760-2/","reference_id":"USN-5760-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5760-2/"},{"reference_url":"https://usn.ubuntu.com/7659-1/","reference_id":"USN-7659-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7659-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2022-40303"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qa31-1xtw-ybdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46942?format=json","vulnerability_id":"VCID-qv2p-47xc-eqc6","summary":"Use After Free\nWhen using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25062.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25062.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25062","reference_id":"","reference_type":"","scores":[{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37279","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.3733","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37335","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37302","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37265","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25062"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/604","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T17:35:33Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/604"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063234","reference_id":"1063234","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063234"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2262726","reference_id":"2262726","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2262726"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25062","reference_id":"CVE-2024-25062","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-25062"},{"reference_url":"https://security.gentoo.org/glsa/202402-11","reference_id":"GLSA-202402-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1317","reference_id":"RHSA-2024:1317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2679","reference_id":"RHSA-2024:2679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2679"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3299","reference_id":"RHSA-2024:3299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3303","reference_id":"RHSA-2024:3303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3625","reference_id":"RHSA-2024:3625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3626","reference_id":"RHSA-2024:3626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3626"},{"reference_url":"https://usn.ubuntu.com/6658-1/","reference_id":"USN-6658-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6658-1/"},{"reference_url":"https://usn.ubuntu.com/6658-2/","reference_id":"USN-6658-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6658-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2024-25062"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qv2p-47xc-eqc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78002?format=json","vulnerability_id":"VCID-r3xn-5u5y-hbdw","summary":"xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49043.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49043.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49043","reference_id":"","reference_type":"","scores":[{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.4481","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44848","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44879","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44886","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44865","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44836","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-49043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49043"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094238","reference_id":"1094238","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094238"},{"reference_url":"https://github.com/php/php-src/issues/17467","reference_id":"17467","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-27T14:52:22Z/"}],"url":"https://github.com/php/php-src/issues/17467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2342118","reference_id":"2342118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2342118"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b","reference_id":"5a19e21605398cef6a8b1452477a8705cb41562b","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-27T14:52:22Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1350","reference_id":"RHSA-2025:1350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1487","reference_id":"RHSA-2025:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1516","reference_id":"RHSA-2025:1516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1517","reference_id":"RHSA-2025:1517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1925","reference_id":"RHSA-2025:1925","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2507","reference_id":"RHSA-2025:2507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2678","reference_id":"RHSA-2025:2678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3775","reference_id":"RHSA-2025:3775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3798","reference_id":"RHSA-2025:3798","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3798"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4409","reference_id":"RHSA-2025:4409","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4409"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4422","reference_id":"RHSA-2025:4422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4677","reference_id":"RHSA-2025:4677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7702","reference_id":"RHSA-2025:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7702"},{"reference_url":"https://usn.ubuntu.com/7240-1/","reference_id":"USN-7240-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7240-1/"},{"reference_url":"https://usn.ubuntu.com/7302-1/","reference_id":"USN-7302-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7302-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2022-49043"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r3xn-5u5y-hbdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77980?format=json","vulnerability_id":"VCID-rzc3-s4fv-7fhp","summary":"Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0216.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0216.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0216","reference_id":"","reference_type":"","scores":[{"value":"0.03971","scoring_system":"epss","scoring_elements":"0.88593","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03971","scoring_system":"epss","scoring_elements":"0.88611","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03971","scoring_system":"epss","scoring_elements":"0.88612","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03971","scoring_system":"epss","scoring_elements":"0.8861","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03971","scoring_system":"epss","scoring_elements":"0.88628","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0216"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652352","reference_id":"652352","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652352"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=724906","reference_id":"724906","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=724906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1749","reference_id":"RHSA-2011:1749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0016","reference_id":"RHSA-2012:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0017","reference_id":"RHSA-2012:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0217","reference_id":"RHSA-2013:0217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0217"},{"reference_url":"https://usn.ubuntu.com/1334-1/","reference_id":"USN-1334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1334-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["CVE-2011-0216"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rzc3-s4fv-7fhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3271?format=json","vulnerability_id":"VCID-tn6n-x8d3-jqd3","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6170.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6170.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6170","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10593","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13011","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13008","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12886","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12972","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6170"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6170","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6170"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107938","reference_id":"1107938","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107938"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372952","reference_id":"2372952","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:05:03Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372952"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/941","reference_id":"941","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:05:03Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/941"},{"reference_url":"https://security.archlinux.org/AVG-2898","reference_id":"AVG-2898","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2898"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1","reference_id":"cpe:/a:redhat:hummingbird:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1","reference_id":"cpe:/a:redhat:jboss_core_services:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_core_services:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-6170","reference_id":"CVE-2025-6170","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:05:03Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-6170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7519","reference_id":"RHSA-2026:7519","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T16:05:03Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:7519"},{"reference_url":"https://usn.ubuntu.com/7694-1/","reference_id":"USN-7694-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7694-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2025-6170"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tn6n-x8d3-jqd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77996?format=json","vulnerability_id":"VCID-tt91-8gv4-3qh9","summary":"Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before 10.11.5, allows remote attackers to cause a denial of service via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1835.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1835.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1835","reference_id":"","reference_type":"","scores":[{"value":"0.02749","scoring_system":"epss","scoring_elements":"0.86269","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02749","scoring_system":"epss","scoring_elements":"0.86291","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02749","scoring_system":"epss","scoring_elements":"0.86293","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02749","scoring_system":"epss","scoring_elements":"0.86289","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02749","scoring_system":"epss","scoring_elements":"0.86278","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338691","reference_id":"1338691","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-1835"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tt91-8gv4-3qh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77976?format=json","vulnerability_id":"VCID-tvkx-4rem-wydk","summary":"Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4226.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4226.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4226","reference_id":"","reference_type":"","scores":[{"value":"0.07959","scoring_system":"epss","scoring_elements":"0.9221","published_at":"2026-06-04T12:55:00Z"},{"value":"0.07959","scoring_system":"epss","scoring_elements":"0.92222","published_at":"2026-06-05T12:55:00Z"},{"value":"0.07959","scoring_system":"epss","scoring_elements":"0.9222","published_at":"2026-06-06T12:55:00Z"},{"value":"0.07959","scoring_system":"epss","scoring_elements":"0.92218","published_at":"2026-06-07T12:55:00Z"},{"value":"0.07959","scoring_system":"epss","scoring_elements":"0.92219","published_at":"2026-06-08T12:55:00Z"},{"value":"0.07959","scoring_system":"epss","scoring_elements":"0.92233","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4226"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4226"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=470466","reference_id":"470466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=470466"},{"reference_url":"https://security.gentoo.org/glsa/200812-06","reference_id":"GLSA-200812-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200812-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0988","reference_id":"RHSA-2008:0988","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0988"},{"reference_url":"https://usn.ubuntu.com/673-1/","reference_id":"USN-673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/673-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4595?format=json","purl":"pkg:deb/debian/libxml2@2.6.32.dfsg-5%2Blenny5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2rbs-7dzf-wffv"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5rs7-d9hu-rke7"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-7qqd-ze42-ayab"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-b2jx-djjd-rbdx"},{"vulnerability":"VCID-b37v-a8em-gkfr"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-bqh3-eze3-3qbv"},{"vulnerability":"VCID-brg4-2x5t-akac"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-dmdw-gyj9-2ye5"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-fynm-ftmy-47eg"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jgtz-3gkg-dkbu"},{"vulnerability":"VCID-jn88-q5mn-37gz"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kmvz-pynk-p7fn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-p8us-th5q-yuey"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rzc3-s4fv-7fhp"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-uqus-6prc-w7dh"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-v22x-mq8p-8qc7"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-xse1-pmep-nqdc"},{"vulnerability":"VCID-xxpz-ak6z-5ufn"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.32.dfsg-5%252Blenny5"}],"aliases":["CVE-2008-4226"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tvkx-4rem-wydk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38069?format=json","vulnerability_id":"VCID-u795-5dzy-gkbs","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8710.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8710.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8710","reference_id":"","reference_type":"","scores":[{"value":"0.04711","scoring_system":"epss","scoring_elements":"0.89558","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04711","scoring_system":"epss","scoring_elements":"0.89576","published_at":"2026-06-05T12:55:00Z"},{"value":"0.04711","scoring_system":"epss","scoring_elements":"0.89575","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04711","scoring_system":"epss","scoring_elements":"0.89573","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04711","scoring_system":"epss","scoring_elements":"0.89591","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1213957","reference_id":"1213957","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1213957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782985","reference_id":"782985","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782985"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8710","reference_id":"CVE-2015-8710","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2875-1/","reference_id":"USN-2875-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2875-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-8710"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u795-5dzy-gkbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4339?format=json","vulnerability_id":"VCID-ueh5-fv4d-a7a8","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15412.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15412.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15412","reference_id":"","reference_type":"","scores":[{"value":"0.02535","scoring_system":"epss","scoring_elements":"0.85726","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02535","scoring_system":"epss","scoring_elements":"0.85745","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02535","scoring_system":"epss","scoring_elements":"0.85731","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02535","scoring_system":"epss","scoring_elements":"0.85747","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02535","scoring_system":"epss","scoring_elements":"0.8575","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02535","scoring_system":"epss","scoring_elements":"0.85748","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15412"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=783160","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=783160"},{"reference_url":"https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html"},{"reference_url":"https://crbug.com/727039","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://crbug.com/727039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-15412.yml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-15412.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1714","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":""},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1714"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html"},{"reference_url":"https://security.gentoo.org/glsa/201801-03","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201801-03"},{"reference_url":"https://web.archive.org/web/20201208155618/http://www.securitytracker.com/id/1040348","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201208155618/http://www.securitytracker.com/id/1040348"},{"reference_url":"https://www.debian.org/security/2018/dsa-4086","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4086"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1523128","reference_id":"1523128","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1523128"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883790","reference_id":"883790","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883790"},{"reference_url":"https://security.archlinux.org/ASA-201712-5","reference_id":"ASA-201712-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201712-5"},{"reference_url":"https://security.archlinux.org/AVG-544","reference_id":"AVG-544","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-544"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15412","reference_id":"CVE-2017-15412","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15412"},{"reference_url":"https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html","reference_id":"CVE-2017-15412.HTML","reference_type":"","scores":[],"url":"https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html"},{"reference_url":"https://github.com/advisories/GHSA-r58r-74gx-6wx3","reference_id":"GHSA-r58r-74gx-6wx3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r58r-74gx-6wx3"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3401","reference_id":"RHSA-2017:3401","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2017:3401"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0287","reference_id":"RHSA-2018:0287","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:0287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1190","reference_id":"RHSA-2020:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1190"},{"reference_url":"https://usn.ubuntu.com/3513-1/","reference_id":"USN-3513-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3513-1/"},{"reference_url":"https://usn.ubuntu.com/3513-2/","reference_id":"USN-3513-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3513-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"}],"aliases":["CVE-2017-15412","GHSA-r58r-74gx-6wx3"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ueh5-fv4d-a7a8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78008?format=json","vulnerability_id":"VCID-uehj-g87n-sfcf","summary":"In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32414.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32414.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32414","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10477","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10577","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10538","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10452","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10555","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32414"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102521","reference_id":"1102521","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102521"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2358121","reference_id":"2358121","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2358121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12098","reference_id":"RHSA-2025:12098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12237","reference_id":"RHSA-2025:12237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12239","reference_id":"RHSA-2025:12239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12240","reference_id":"RHSA-2025:12240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12241","reference_id":"RHSA-2025:12241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13428","reference_id":"RHSA-2025:13428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13429","reference_id":"RHSA-2025:13429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13677","reference_id":"RHSA-2025:13677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13681","reference_id":"RHSA-2025:13681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13683","reference_id":"RHSA-2025:13683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13684","reference_id":"RHSA-2025:13684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14059","reference_id":"RHSA-2025:14059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14644","reference_id":"RHSA-2025:14644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14818","reference_id":"RHSA-2025:14818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14819","reference_id":"RHSA-2025:14819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14853","reference_id":"RHSA-2025:14853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14858","reference_id":"RHSA-2025:14858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15308","reference_id":"RHSA-2025:15308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15672","reference_id":"RHSA-2025:15672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16159","reference_id":"RHSA-2025:16159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22529","reference_id":"RHSA-2025:22529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8958","reference_id":"RHSA-2025:8958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7519","reference_id":"RHSA-2026:7519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7519"},{"reference_url":"https://usn.ubuntu.com/7467-1/","reference_id":"USN-7467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7467-1/"},{"reference_url":"https://usn.ubuntu.com/7467-2/","reference_id":"USN-7467-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7467-2/"},{"reference_url":"https://usn.ubuntu.com/7896-1/","reference_id":"USN-7896-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7896-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2025-32414"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uehj-g87n-sfcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78005?format=json","vulnerability_id":"VCID-up1g-mjyj-pub4","summary":"libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56171.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56171.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56171","reference_id":"","reference_type":"","scores":[{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39792","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39828","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39802","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39775","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39825","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56171"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098320","reference_id":"1098320","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098320"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346416","reference_id":"2346416","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346416"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/828","reference_id":"828","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T16:26:31Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/828"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2482","reference_id":"RHSA-2025:2482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2482"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2483","reference_id":"RHSA-2025:2483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2507","reference_id":"RHSA-2025:2507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2513","reference_id":"RHSA-2025:2513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2654","reference_id":"RHSA-2025:2654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2660","reference_id":"RHSA-2025:2660","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2660"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2673","reference_id":"RHSA-2025:2673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2678","reference_id":"RHSA-2025:2678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2679","reference_id":"RHSA-2025:2679","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2679"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2686","reference_id":"RHSA-2025:2686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2789","reference_id":"RHSA-2025:2789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3055","reference_id":"RHSA-2025:3055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3059","reference_id":"RHSA-2025:3059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3066","reference_id":"RHSA-2025:3066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3368","reference_id":"RHSA-2025:3368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3397","reference_id":"RHSA-2025:3397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3453","reference_id":"RHSA-2025:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3453"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3569","reference_id":"RHSA-2025:3569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3867","reference_id":"RHSA-2025:3867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4005","reference_id":"RHSA-2025:4005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9895","reference_id":"RHSA-2025:9895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9895"},{"reference_url":"https://usn.ubuntu.com/7302-1/","reference_id":"USN-7302-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7302-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2024-56171"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-up1g-mjyj-pub4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37399?format=json","vulnerability_id":"VCID-uqus-6prc-w7dh","summary":"Double Free\nDouble free vulnerability in libxml2 and other versions, as used in Google Chrome and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4494.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4494.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4494","reference_id":"","reference_type":"","scores":[{"value":"0.01435","scoring_system":"epss","scoring_elements":"0.81038","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01435","scoring_system":"epss","scoring_elements":"0.81066","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01435","scoring_system":"epss","scoring_elements":"0.81069","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01435","scoring_system":"epss","scoring_elements":"0.81065","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01435","scoring_system":"epss","scoring_elements":"0.81061","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01435","scoring_system":"epss","scoring_elements":"0.81079","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607922","reference_id":"607922","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607922"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=665963","reference_id":"665963","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=665963"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4494","reference_id":"CVE-2010-4494","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4494"},{"reference_url":"https://security.gentoo.org/glsa/201110-26","reference_id":"GLSA-201110-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201110-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1749","reference_id":"RHSA-2011:1749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0217","reference_id":"RHSA-2013:0217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0217"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4596?format=json","purl":"pkg:deb/debian/libxml2@2.7.8.dfsg-2%2Bsqueeze8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2rbs-7dzf-wffv"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5rs7-d9hu-rke7"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-7qqd-ze42-ayab"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-b2jx-djjd-rbdx"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-bqh3-eze3-3qbv"},{"vulnerability":"VCID-brg4-2x5t-akac"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-dmdw-gyj9-2ye5"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jgtz-3gkg-dkbu"},{"vulnerability":"VCID-jn88-q5mn-37gz"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kmvz-pynk-p7fn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-p8us-th5q-yuey"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rzc3-s4fv-7fhp"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-v22x-mq8p-8qc7"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-xxpz-ak6z-5ufn"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-2%252Bsqueeze8"}],"aliases":["CVE-2010-4494"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uqus-6prc-w7dh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78009?format=json","vulnerability_id":"VCID-ur8u-6xpb-g3g3","summary":"In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32415.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32415.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32415","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14128","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14223","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14188","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14106","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14219","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32415"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103511","reference_id":"1103511","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103511"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360768","reference_id":"2360768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2360768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13203","reference_id":"RHSA-2025:13203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13428","reference_id":"RHSA-2025:13428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13429","reference_id":"RHSA-2025:13429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13622","reference_id":"RHSA-2025:13622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13677","reference_id":"RHSA-2025:13677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13681","reference_id":"RHSA-2025:13681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13683","reference_id":"RHSA-2025:13683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13684","reference_id":"RHSA-2025:13684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13688","reference_id":"RHSA-2025:13688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13689","reference_id":"RHSA-2025:13689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13788","reference_id":"RHSA-2025:13788","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13788"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13789","reference_id":"RHSA-2025:13789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13806","reference_id":"RHSA-2025:13806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14059","reference_id":"RHSA-2025:14059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14186","reference_id":"RHSA-2025:14186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14644","reference_id":"RHSA-2025:14644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14818","reference_id":"RHSA-2025:14818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14819","reference_id":"RHSA-2025:14819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14853","reference_id":"RHSA-2025:14853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14858","reference_id":"RHSA-2025:14858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15308","reference_id":"RHSA-2025:15308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15672","reference_id":"RHSA-2025:15672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16159","reference_id":"RHSA-2025:16159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:16159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22529","reference_id":"RHSA-2025:22529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22529"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7519","reference_id":"RHSA-2026:7519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7519"},{"reference_url":"https://usn.ubuntu.com/7467-1/","reference_id":"USN-7467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7467-1/"},{"reference_url":"https://usn.ubuntu.com/7467-2/","reference_id":"USN-7467-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7467-2/"},{"reference_url":"https://usn.ubuntu.com/7896-1/","reference_id":"USN-7896-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7896-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2025-32415"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ur8u-6xpb-g3g3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37627?format=json","vulnerability_id":"VCID-v22x-mq8p-8qc7","summary":"Uncontrolled Resource Consumption\nlibxml2 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0339.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0339.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0339","reference_id":"","reference_type":"","scores":[{"value":"0.01783","scoring_system":"epss","scoring_elements":"0.8307","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01783","scoring_system":"epss","scoring_elements":"0.83096","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01783","scoring_system":"epss","scoring_elements":"0.83093","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01783","scoring_system":"epss","scoring_elements":"0.83085","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01783","scoring_system":"epss","scoring_elements":"0.83097","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0339"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702260","reference_id":"702260","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702260"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=915149","reference_id":"915149","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=915149"},{"reference_url":"https://nvd.nist.gov/vuln/detail/cve-2013-0339","reference_id":"CVE-2013-0339","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/cve-2013-0339"},{"reference_url":"https://security.gentoo.org/glsa/201412-11","reference_id":"GLSA-201412-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-11"},{"reference_url":"https://usn.ubuntu.com/1904-1/","reference_id":"USN-1904-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1904-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["CVE-2013-0339"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v22x-mq8p-8qc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78007?format=json","vulnerability_id":"VCID-vfxe-t79s-3qbb","summary":"libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27113.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27113.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27113","reference_id":"","reference_type":"","scores":[{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26147","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26243","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26197","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26141","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.2625","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27113"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27113","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27113"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098322","reference_id":"1098322","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098322"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346410","reference_id":"2346410","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346410"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/861","reference_id":"861","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T15:33:43Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/861"},{"reference_url":"https://usn.ubuntu.com/7302-1/","reference_id":"USN-7302-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7302-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2025-27113"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vfxe-t79s-3qbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37979?format=json","vulnerability_id":"VCID-w156-x6fs-7baj","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseXMLDecl function in parser.c in libxml2 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8317.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8317.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8317","reference_id":"","reference_type":"","scores":[{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.6579","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65786","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65778","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65725","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65777","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00486","scoring_system":"epss","scoring_elements":"0.65767","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281930","reference_id":"1281930","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281930"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8317","reference_id":"CVE-2015-8317","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"},{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2015-8317"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w156-x6fs-7baj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38596?format=json","vulnerability_id":"VCID-wqc9-2nup-r7d5","summary":"Out-of-bounds Read\nThe htmlParseTryOrFinish function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (buffer over-read) or information disclosure.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8872.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8872.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8872","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46294","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46326","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46361","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46363","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46342","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46316","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8872"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=775200","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:59:00Z/"}],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=775200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8872","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8872"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:N/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:59:00Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1449541","reference_id":"1449541","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1449541"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862450","reference_id":"862450","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862450"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8872","reference_id":"CVE-2017-8872","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-8872"},{"reference_url":"https://usn.ubuntu.com/4991-1/","reference_id":"USN-4991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"}],"aliases":["CVE-2017-8872"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wqc9-2nup-r7d5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38620?format=json","vulnerability_id":"VCID-x53x-k5cn-4fhv","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nA buffer overflow was discovered in libxml2 . The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlen(buf). If the content->type is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content->prefix is appended to buf (if it actually fits) whereupon (ii) content->name is written to the buffer. However, the check for whether the content->name actually fits also uses 'len' rather than the updated buffer length strlen(buf). This allows us to write about \"size\" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9047.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9047.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9047","reference_id":"","reference_type":"","scores":[{"value":"0.0266","scoring_system":"epss","scoring_elements":"0.86065","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0266","scoring_system":"epss","scoring_elements":"0.86088","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0266","scoring_system":"epss","scoring_elements":"0.86086","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0266","scoring_system":"epss","scoring_elements":"0.86074","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0266","scoring_system":"epss","scoring_elements":"0.86087","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0266","scoring_system":"epss","scoring_elements":"0.8609","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9047"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452554","reference_id":"1452554","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452554"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863022","reference_id":"863022","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863022"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9047","reference_id":"CVE-2017-9047","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-9047"},{"reference_url":"https://usn.ubuntu.com/3424-1/","reference_id":"USN-3424-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-1/"},{"reference_url":"https://usn.ubuntu.com/3424-2/","reference_id":"USN-3424-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3424-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"}],"aliases":["CVE-2017-9047"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x53x-k5cn-4fhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77979?format=json","vulnerability_id":"VCID-xse1-pmep-nqdc","summary":"Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2416.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2416.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2416","reference_id":"","reference_type":"","scores":[{"value":"0.00504","scoring_system":"epss","scoring_elements":"0.66567","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00504","scoring_system":"epss","scoring_elements":"0.66551","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00504","scoring_system":"epss","scoring_elements":"0.66559","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00504","scoring_system":"epss","scoring_elements":"0.66519","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00504","scoring_system":"epss","scoring_elements":"0.66537","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00504","scoring_system":"epss","scoring_elements":"0.66554","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2416"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2416"},{"reference_url":"http://www.vupen.com/english/advisories/2009/2420","reference_id":"2420","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://www.vupen.com/english/advisories/2009/2420"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3184","reference_id":"3184","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3184"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3217","reference_id":"3217","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3217"},{"reference_url":"http://secunia.com/advisories/35036","reference_id":"35036","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://secunia.com/advisories/35036"},{"reference_url":"http://www.securityfocus.com/bid/36010","reference_id":"36010","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://www.securityfocus.com/bid/36010"},{"reference_url":"http://secunia.com/advisories/36207","reference_id":"36207","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://secunia.com/advisories/36207"},{"reference_url":"http://secunia.com/advisories/36338","reference_id":"36338","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://secunia.com/advisories/36338"},{"reference_url":"http://secunia.com/advisories/36417","reference_id":"36417","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://secunia.com/advisories/36417"},{"reference_url":"http://secunia.com/advisories/36631","reference_id":"36631","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://secunia.com/advisories/36631"},{"reference_url":"http://secunia.com/advisories/37346","reference_id":"37346","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://secunia.com/advisories/37346"},{"reference_url":"http://secunia.com/advisories/37471","reference_id":"37471","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://secunia.com/advisories/37471"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=515205","reference_id":"515205","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=515205"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540865","reference_id":"540865","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540865"},{"reference_url":"http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html","reference_id":"CVE-2009-2414-2416.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html"},{"reference_url":"http://www.debian.org/security/2009/dsa-1859","reference_id":"dsa-1859","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://www.debian.org/security/2009/dsa-1859"},{"reference_url":"https://security.gentoo.org/glsa/201009-07","reference_id":"GLSA-201009-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201009-07"},{"reference_url":"http://support.apple.com/kb/HT3937","reference_id":"HT3937","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://support.apple.com/kb/HT3937"},{"reference_url":"http://support.apple.com/kb/HT3949","reference_id":"HT3949","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://support.apple.com/kb/HT3949"},{"reference_url":"http://support.apple.com/kb/HT4225","reference_id":"HT4225","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://support.apple.com/kb/HT4225"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59","reference_id":"?id=489f9671e71cc44a97b23111b3126ac8a1e21a59","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html","reference_id":"msg00000.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html","reference_id":"msg00537.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html","reference_id":"msg00547.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html"},{"reference_url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html","reference_id":"msg00642.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html"},{"reference_url":"http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html","reference_id":"msg678527.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg678527.html"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A7783","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7783"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A9262","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9262"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1206","reference_id":"RHSA-2009:1206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1206"},{"reference_url":"http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html","reference_id":"stable-update-security-fixes.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html"},{"reference_url":"https://usn.ubuntu.com/815-1/","reference_id":"USN-815-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/815-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-815-1","reference_id":"USN-815-1","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://www.ubuntu.com/usn/USN-815-1"},{"reference_url":"http://www.codenomicon.com/labs/xml/","reference_id":"xml","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-06T15:40:41Z/"}],"url":"http://www.codenomicon.com/labs/xml/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4596?format=json","purl":"pkg:deb/debian/libxml2@2.7.8.dfsg-2%2Bsqueeze8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2rbs-7dzf-wffv"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5rs7-d9hu-rke7"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-7qqd-ze42-ayab"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-b2jx-djjd-rbdx"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-bqh3-eze3-3qbv"},{"vulnerability":"VCID-brg4-2x5t-akac"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-dmdw-gyj9-2ye5"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jgtz-3gkg-dkbu"},{"vulnerability":"VCID-jn88-q5mn-37gz"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kmvz-pynk-p7fn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-p8us-th5q-yuey"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rzc3-s4fv-7fhp"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-v22x-mq8p-8qc7"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-xxpz-ak6z-5ufn"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.7.8.dfsg-2%252Bsqueeze8"}],"aliases":["CVE-2009-2416"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xse1-pmep-nqdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37474?format=json","vulnerability_id":"VCID-xxpz-ak6z-5ufn","summary":"Uncontrolled Resource Consumption\nlibxml2 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0841.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0841","reference_id":"","reference_type":"","scores":[{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.63942","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.6393","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00449","scoring_system":"epss","scoring_elements":"0.6395","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77599","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77628","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01023","scoring_system":"epss","scoring_elements":"0.77636","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0841"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660846","reference_id":"660846","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=660846"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=787067","reference_id":"787067","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=787067"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-0841","reference_id":"CVE-2012-0841","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-0841"},{"reference_url":"https://security.gentoo.org/glsa/201203-04","reference_id":"GLSA-201203-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201203-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0324","reference_id":"RHSA-2012:0324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0217","reference_id":"RHSA-2013:0217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0217"},{"reference_url":"https://usn.ubuntu.com/1376-1/","reference_id":"USN-1376-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1376-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4598?format=json","purl":"pkg:deb/debian/libxml2@2.8.0%2Bdfsg1-7%2Bwheezy5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-43m9-cg6h-nuet"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bm7f-1hbr-dyfx"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.8.0%252Bdfsg1-7%252Bwheezy5"}],"aliases":["CVE-2012-0841"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xxpz-ak6z-5ufn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36136?format=json","vulnerability_id":"VCID-y6ed-mwdn-8bcv","summary":"NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2309.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2309.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2309","reference_id":"","reference_type":"","scores":[{"value":"0.01251","scoring_system":"epss","scoring_elements":"0.79705","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01251","scoring_system":"epss","scoring_elements":"0.79686","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01251","scoring_system":"epss","scoring_elements":"0.79697","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01251","scoring_system":"epss","scoring_elements":"0.79702","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01251","scoring_system":"epss","scoring_elements":"0.79696","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01251","scoring_system":"epss","scoring_elements":"0.7967","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2309"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-wrxv-2j5q-m38w","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wrxv-2j5q-m38w"},{"reference_url":"https://github.com/lxml/lxml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lxml/lxml"},{"reference_url":"https://github.com/lxml/lxml/blob/master/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lxml/lxml/blob/master/CHANGES.txt"},{"reference_url":"https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2022-230.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/lxml/PYSEC-2022-230.yaml"},{"reference_url":"https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/8264e74f-edda-4c40-9956-49de635105ba"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00021.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HGYC6L7ENH5VEGN3YWFBYMGKX6WNS7HZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URHHSIBTPTALXMECRLAC2EVDNAFSR5NO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2309","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-2309"},{"reference_url":"https://security.gentoo.org/glsa/202208-06","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202208-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220915-0006","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220915-0006"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014766","reference_id":"1014766","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014766"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039991","reference_id":"1039991","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039991"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107571","reference_id":"2107571","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8226","reference_id":"RHSA-2022:8226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8226"},{"reference_url":"https://usn.ubuntu.com/5760-1/","reference_id":"USN-5760-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5760-1/"},{"reference_url":"https://usn.ubuntu.com/6028-2/","reference_id":"USN-6028-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6028-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2022-2309","GHSA-wrxv-2j5q-m38w","PYSEC-2022-230"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y6ed-mwdn-8bcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38120?format=json","vulnerability_id":"VCID-y6zn-hwwh-23hp","summary":"Out-of-bounds Read\nThe xmlPArserPrintFileContextInternal function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1838.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1838.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1838","reference_id":"","reference_type":"","scores":[{"value":"0.03485","scoring_system":"epss","scoring_elements":"0.87792","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03485","scoring_system":"epss","scoring_elements":"0.87814","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03485","scoring_system":"epss","scoring_elements":"0.87816","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03485","scoring_system":"epss","scoring_elements":"0.87817","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03485","scoring_system":"epss","scoring_elements":"0.8783","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338705","reference_id":"1338705","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338705"},{"reference_url":"https://code.google.com/p/google-security-research/issues/detail?id=639","reference_id":"CVE-2016-1838","reference_type":"exploit","scores":[],"url":"https://code.google.com/p/google-security-research/issues/detail?id=639"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39493.txt","reference_id":"CVE-2016-1838","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39493.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1838","reference_id":"CVE-2016-1838","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-1838"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y6zn-hwwh-23hp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/38539?format=json","vulnerability_id":"VCID-y76b-6hzr-uqgb","summary":"Deserialization of Untrusted Data\nThe xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4483.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4483.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4483","reference_id":"","reference_type":"","scores":[{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79862","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79865","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79856","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79831","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79857","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79846","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4483"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1332820","reference_id":"1332820","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1332820"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823405","reference_id":"823405","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823405"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4483","reference_id":"CVE-2016-4483","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4600?format=json","purl":"pkg:deb/debian/libxml2@2.9.1%2Bdfsg1-5%2Bdeb8u6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1esy-azbk-rkgn"},{"vulnerability":"VCID-1f8c-m3q3-yyea"},{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-cgmw-k7dg-gbdw"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eb5v-9a7f-xyf2"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8jy-gtg6-x3f2"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-ne9k-m48b-13cu"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-tt91-8gv4-3qh9"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.1%252Bdfsg1-5%252Bdeb8u6"},{"url":"http://public2.vulnerablecode.io/api/packages/5082?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-2.2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-1vsu-txd5-qbf3"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5er3-1kbw-33gt"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-eh92-k5tc-vyab"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jtkn-83hh-x3et"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-msku-25sz-rbeg"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-wqc9-2nup-r7d5"},{"vulnerability":"VCID-x53x-k5cn-4fhv"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-2.2%252Bdeb9u2"}],"aliases":["CVE-2016-4483"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y76b-6hzr-uqgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46151?format=json","vulnerability_id":"VCID-y771-xrj9-6qca","summary":"Use After Free\nThis advisory has been marked as False Positive and removed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45322.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45322.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45322","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21605","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21712","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21699","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21654","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21596","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-45322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/344","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T18:12:15Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/344"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/583","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T18:12:15Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/583"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/10/06/5","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T18:12:15Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/10/06/5"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053629","reference_id":"1053629","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053629"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242945","reference_id":"2242945","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242945"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-45322","reference_id":"CVE-2023-45322","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-45322"},{"reference_url":"https://security.gentoo.org/glsa/202402-11","reference_id":"GLSA-202402-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509962?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p4u9-3nqe-v3ab"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5"}],"aliases":["CVE-2023-45322"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y771-xrj9-6qca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5279?format=json","vulnerability_id":"VCID-yjn6-17qx-9ubc","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3518.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3518.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3518","reference_id":"","reference_type":"","scores":[{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48575","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48638","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48613","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48599","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48627","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48646","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3518"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954242","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954242"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3518"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Jul/54","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2021/Jul/54"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Jul/55","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2021/Jul/55"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Jul/58","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2021/Jul/58"},{"reference_url":"http://seclists.org/fulldisclosure/2021/Jul/59","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2021/Jul/59"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3518.yml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-3518.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/blob/2edbbef95f1dc12c1ddc5ebda71b9159026245fe/CHANGELOG.md?plain=1#L722"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV/"},{"reference_url":"https://nokogiri.org/CHANGELOG.html#1114-2021-05-14","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":""},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nokogiri.org/CHANGELOG.html#1114-2021-05-14"},{"reference_url":"https://security.gentoo.org/glsa/202107-05","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202107-05"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210625-0002","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20210625-0002"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210625-0002/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20210625-0002/"},{"reference_url":"https://support.apple.com/kb/HT212601","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT212601"},{"reference_url":"https://support.apple.com/kb/HT212602","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT212602"},{"reference_url":"https://support.apple.com/kb/HT212604","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT212604"},{"reference_url":"https://support.apple.com/kb/HT212605","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/kb/HT212605"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2022.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2021.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987737","reference_id":"987737","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987737"},{"reference_url":"https://security.archlinux.org/AVG-1883","reference_id":"AVG-1883","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1883"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3518","reference_id":"CVE-2021-3518","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3518"},{"reference_url":"https://github.com/advisories/GHSA-v4f8-2847-rwm7","reference_id":"GHSA-v4f8-2847-rwm7","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v4f8-2847-rwm7"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2569","reference_id":"RHSA-2021:2569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1389","reference_id":"RHSA-2022:1389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1390","reference_id":"RHSA-2022:1390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1390"},{"reference_url":"https://usn.ubuntu.com/4991-1/","reference_id":"USN-4991-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4991-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/509961?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-k5ns-qsh8-9ufj"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-rymj-pnfv-3khf"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4"}],"aliases":["CVE-2021-3518","GHSA-v4f8-2847-rwm7"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yjn6-17qx-9ubc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39176?format=json","vulnerability_id":"VCID-zezc-xfmm-cqcg","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nparser.c in libxml2 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16931.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16931.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16931","reference_id":"","reference_type":"","scores":[{"value":"0.01443","scoring_system":"epss","scoring_elements":"0.81079","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01443","scoring_system":"epss","scoring_elements":"0.81107","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01443","scoring_system":"epss","scoring_elements":"0.81111","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01443","scoring_system":"epss","scoring_elements":"0.81108","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01443","scoring_system":"epss","scoring_elements":"0.81103","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01443","scoring_system":"epss","scoring_elements":"0.81121","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16931"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16931"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1517307","reference_id":"1517307","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1517307"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16931","reference_id":"CVE-2017-16931","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16931"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5477?format=json","purl":"pkg:deb/debian/libxml2@2.9.4%2Bdfsg1-7%2Bdeb10u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sh8-bsk3-auct"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-5dmr-9sh2-w3hk"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6rnb-qe59-sbfy"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81dv-y5sg-9kgq"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-9d2s-f8da-pkgg"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-aj7d-6vcp-7yey"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-aqrr-3ej8-ukaa"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-c16x-s3zb-bbef"},{"vulnerability":"VCID-ct17-yjud-f3a1"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-fda4-67cq-cqg4"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-jwft-4pxx-5ydg"},{"vulnerability":"VCID-jxz3-ug52-cuhn"},{"vulnerability":"VCID-kvkp-bve3-bqh7"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-pdus-4wua-fucn"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-qv2p-47xc-eqc6"},{"vulnerability":"VCID-r3xn-5u5y-hbdw"},{"vulnerability":"VCID-tn6n-x8d3-jqd3"},{"vulnerability":"VCID-uehj-g87n-sfcf"},{"vulnerability":"VCID-up1g-mjyj-pub4"},{"vulnerability":"VCID-ur8u-6xpb-g3g3"},{"vulnerability":"VCID-vfxe-t79s-3qbb"},{"vulnerability":"VCID-y6ed-mwdn-8bcv"},{"vulnerability":"VCID-y771-xrj9-6qca"},{"vulnerability":"VCID-yjn6-17qx-9ubc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.4%252Bdfsg1-7%252Bdeb10u4"}],"aliases":["CVE-2017-16931"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zezc-xfmm-cqcg"}],"fixing_vulnerabilities":[],"risk_score":"6.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.6.27.dfsg-1"}