{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","type":"ebuild","namespace":"dev-libs","name":"libxml2","version":"2.9.4-r1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.9.4-r3","latest_non_vulnerable_version":"2.12.5","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7237?format=json","vulnerability_id":"VCID-2b1g-gp84-87e8","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlGROW function in parser.c in libxml2 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7499.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7499.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7499","reference_id":"","reference_type":"","scores":[{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72517","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01149","scoring_system":"epss","scoring_elements":"0.78628","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0141","scoring_system":"epss","scoring_elements":"0.8063","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81617","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81552","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81572","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81559","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.8159","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81591","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81595","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81625","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81692","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81668","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81646","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81487","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.8163","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81499","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81521","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81518","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81546","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7499"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281925","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281925"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=28cd9cb747a94483f4aea7f0968d202c20bb4cfc"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=35bcb1d758ed70aa7b257c9c3b3ff55e54e3d0da"},{"reference_url":"https://github.com/advisories/GHSA-jxjr-5h69-qw3w","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jxjr-5h69-qw3w"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-7499.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-7499.yml"},{"reference_url":"https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/ruby-security-ann/Dy7YiKb_pMM"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"},{"reference_url":"https://support.apple.com/HT206166","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206166"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206167"},{"reference_url":"https://support.apple.com/HT206168","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206168"},{"reference_url":"https://support.apple.com/HT206169","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206169"},{"reference_url":"https://web.archive.org/web/20210724022841/http://www.securityfocus.com/bid/79509","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210724022841/http://www.securityfocus.com/bid/79509"},{"reference_url":"https://web.archive.org/web/20211205133229/https://securitytracker.com/id/1034243","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20211205133229/https://securitytracker.com/id/1034243"},{"reference_url":"http://www.debian.org/security/2015/dsa-3430","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3430"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/79509","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/79509"},{"reference_url":"http://www.securitytracker.com/id/1034243","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034243"},{"reference_url":"http://www.ubuntu.com/usn/USN-2834-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2834-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7499","reference_id":"CVE-2015-7499","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7499"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"},{"reference_url":"https://usn.ubuntu.com/2875-1/","reference_id":"USN-2875-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2875-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2015-7499","GHSA-jxjr-5h69-qw3w"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2b1g-gp84-87e8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7361?format=json","vulnerability_id":"VCID-2j62-5rjn-vyeu","summary":"Uncontrolled Resource Consumption\ndict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the \"<!DOCTYPE html\" substring in a crafted HTML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8806.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8806.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8806","reference_id":"","reference_type":"","scores":[{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90694","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90731","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.9072","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.9071","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90699","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90819","published_at":"2026-05-12T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90809","published_at":"2026-05-11T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90811","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90799","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90781","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90764","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.9077","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90769","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90758","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90759","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90762","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90743","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90746","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06052","scoring_system":"epss","scoring_elements":"0.90737","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08565","scoring_system":"epss","scoring_elements":"0.92479","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8806"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=749115","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=749115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-8806.yml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-8806.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/03d402212707bd5dfa0a21b7de5e91a7f9d90028","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/sparklemotion/nokogiri/commit/03d402212707bd5dfa0a21b7de5e91a7f9d90028"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1473","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1473"},{"reference_url":"https://mail.gnome.org/archives/xml/2016-May/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://mail.gnome.org/archives/xml/2016-May/msg00023.html"},{"reference_url":"https://web.archive.org/web/20160928171015/http://www.securityfocus.com/bid/82071","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20160928171015/http://www.securityfocus.com/bid/82071"},{"reference_url":"https://www.debian.org/security/2016/dsa-3593","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2016/dsa-3593"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/02/03/5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/02/03/5"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"},{"reference_url":"http://www.securityfocus.com/bid/82071","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/82071"},{"reference_url":"http://www.ubuntu.com/usn/usn-2994-1/","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-2994-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-2994-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2994-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1304636","reference_id":"1304636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1304636"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813613","reference_id":"813613","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813613"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8806","reference_id":"CVE-2015-8806","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8806"},{"reference_url":"https://github.com/advisories/GHSA-7hp2-xwpj-95jq","reference_id":"GHSA-7hp2-xwpj-95jq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7hp2-xwpj-95jq"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2015-8806","GHSA-7hp2-xwpj-95jq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2j62-5rjn-vyeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7253?format=json","vulnerability_id":"VCID-33n1-125n-63h6","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseMisc function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7500.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7500.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7500","reference_id":"","reference_type":"","scores":[{"value":"0.01397","scoring_system":"epss","scoring_elements":"0.80591","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.80978","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81002","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81035","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81052","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81039","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81032","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81069","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.80969","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81068","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.8109","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81098","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81106","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.8112","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81142","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.81164","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01486","scoring_system":"epss","scoring_elements":"0.8107","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01657","scoring_system":"epss","scoring_elements":"0.82197","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02269","scoring_system":"epss","scoring_elements":"0.84756","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxml2/commit/?id=f1063fdbe7fa66332bbb76874101c2a7b51b519f"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"},{"reference_url":"https://support.apple.com/HT206166","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206166"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206167"},{"reference_url":"https://support.apple.com/HT206168","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206168"},{"reference_url":"https://support.apple.com/HT206169","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206169"},{"reference_url":"http://www.debian.org/security/2015/dsa-3430","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3430"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/79562","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/79562"},{"reference_url":"http://www.securitytracker.com/id/1034243","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034243"},{"reference_url":"http://www.ubuntu.com/usn/USN-2834-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2834-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281943","reference_id":"1281943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281943"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7500","reference_id":"CVE-2015-7500","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7500"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2015-7500"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-33n1-125n-63h6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7247?format=json","vulnerability_id":"VCID-3d1e-enaq-q3cx","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 allows context-dependent attackers to cause a denial of service via unspecified vectors.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7497.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7497.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7497","reference_id":"","reference_type":"","scores":[{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78784","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01836","scoring_system":"epss","scoring_elements":"0.83086","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02383","scoring_system":"epss","scoring_elements":"0.85112","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86666","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86685","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86695","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86708","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86705","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86699","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86637","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86717","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86728","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86736","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86758","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86776","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86793","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86711","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86647","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86667","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxml2/commit/?id=6360a31a84efe69d155ed96306b9a931a40beab9"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"},{"reference_url":"http://www.debian.org/security/2015/dsa-3430","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3430"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/79508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/79508"},{"reference_url":"http://www.securitytracker.com/id/1034243","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034243"},{"reference_url":"http://www.ubuntu.com/usn/USN-2834-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2834-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281862","reference_id":"1281862","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281862"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7497","reference_id":"CVE-2015-7497","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7497"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2015-7497"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3d1e-enaq-q3cx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7205?format=json","vulnerability_id":"VCID-3s4n-twju-b3dw","summary":"Uncontrolled Resource Consumption\nThe xz_decomp function in xzlib.c in libxml2 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8035.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8035.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8035","reference_id":"","reference_type":"","scores":[{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.77251","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01006","scoring_system":"epss","scoring_elements":"0.77203","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01051","scoring_system":"epss","scoring_elements":"0.77678","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01051","scoring_system":"epss","scoring_elements":"0.77649","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01051","scoring_system":"epss","scoring_elements":"0.7764","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01051","scoring_system":"epss","scoring_elements":"0.77697","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0108","scoring_system":"epss","scoring_elements":"0.77787","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0108","scoring_system":"epss","scoring_elements":"0.77793","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0108","scoring_system":"epss","scoring_elements":"0.77821","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01104","scoring_system":"epss","scoring_elements":"0.78083","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01104","scoring_system":"epss","scoring_elements":"0.78079","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01104","scoring_system":"epss","scoring_elements":"0.78114","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01104","scoring_system":"epss","scoring_elements":"0.78108","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01104","scoring_system":"epss","scoring_elements":"0.78141","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01104","scoring_system":"epss","scoring_elements":"0.78147","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01104","scoring_system":"epss","scoring_elements":"0.781","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01104","scoring_system":"epss","scoring_elements":"0.78073","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01104","scoring_system":"epss","scoring_elements":"0.78069","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01104","scoring_system":"epss","scoring_elements":"0.78043","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01311","scoring_system":"epss","scoring_elements":"0.79937","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8035"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=757466","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=757466"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"},{"reference_url":"https://support.apple.com/HT206166","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206166"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206167"},{"reference_url":"https://support.apple.com/HT206168","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206168"},{"reference_url":"https://support.apple.com/HT206169","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206169"},{"reference_url":"http://www.debian.org/security/2015/dsa-3430","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3430"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/11/02/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/11/02/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/11/02/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/11/02/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/11/03/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/11/03/1"},{"reference_url":"http://www.securityfocus.com/bid/77390","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/77390"},{"reference_url":"http://www.securitytracker.com/id/1034243","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034243"},{"reference_url":"http://www.ubuntu.com/usn/USN-2812-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2812-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1277146","reference_id":"1277146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1277146"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803942","reference_id":"803942","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=803942"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:2.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8035","reference_id":"CVE-2015-8035","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8035"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1190","reference_id":"RHSA-2020:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1190"},{"reference_url":"https://usn.ubuntu.com/2812-1/","reference_id":"USN-2812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2812-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2015-8035"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3s4n-twju-b3dw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7392?format=json","vulnerability_id":"VCID-51f2-w9b7-9fb4","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1840.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1840.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1840","reference_id":"","reference_type":"","scores":[{"value":"0.01589","scoring_system":"epss","scoring_elements":"0.81823","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01589","scoring_system":"epss","scoring_elements":"0.81782","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0163","scoring_system":"epss","scoring_elements":"0.82019","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.8416","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84178","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.8418","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84201","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84208","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84226","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.8422","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84217","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84146","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84239","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84243","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84268","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84276","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.8428","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84299","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84324","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84341","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02142","scoring_system":"epss","scoring_elements":"0.84238","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1840"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=757711","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=757711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=cbb271655cadeb8dbb258a64701d9a3a0c4835b4","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxml2/commit/?id=cbb271655cadeb8dbb258a64701d9a3a0c4835b4"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170"},{"reference_url":"https://support.apple.com/HT206564","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206564"},{"reference_url":"https://support.apple.com/HT206566","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206566"},{"reference_url":"https://support.apple.com/HT206567","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206567"},{"reference_url":"https://support.apple.com/HT206568","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206568"},{"reference_url":"https://www.debian.org/security/2016/dsa-3593","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3593"},{"reference_url":"https://www.tenable.com/security/tns-2016-18","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2016-18"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/90691","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/90691"},{"reference_url":"http://www.securitytracker.com/id/1035890","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035890"},{"reference_url":"http://www.ubuntu.com/usn/USN-2994-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2994-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338706","reference_id":"1338706","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338706"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1840","reference_id":"CVE-2016-1840","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1840"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2016-1840"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-51f2-w9b7-9fb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7206?format=json","vulnerability_id":"VCID-6h9f-6pmg-3fh3","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nlibxml2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7941.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7941.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7941","reference_id":"","reference_type":"","scores":[{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63003","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65538","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65587","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65617","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.66802","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67744","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67795","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67809","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67833","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.6782","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67784","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67814","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67843","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67848","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67824","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67867","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67907","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.67834","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00755","scoring_system":"epss","scoring_elements":"0.73341","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7941"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=744980","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=744980"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxml2/commit/?id=a7dfab7411cbf545f359dd3157e5df1eb0e7ce31"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"},{"reference_url":"http://www.debian.org/security/2015/dsa-3430","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3430"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/10/22/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/10/22/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/10/22/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/10/22/8"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/74241","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/74241"},{"reference_url":"http://www.securitytracker.com/id/1034243","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034243"},{"reference_url":"http://www.ubuntu.com/usn/USN-2812-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2812-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1274222","reference_id":"1274222","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1274222"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783010","reference_id":"783010","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783010"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7941","reference_id":"CVE-2015-7941","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7941"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2812-1/","reference_id":"USN-2812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2812-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2015-7941"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6h9f-6pmg-3fh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7398?format=json","vulnerability_id":"VCID-7h3p-7ej2-17f1","summary":"Out-of-bounds Read\nThe xmlDictAddString function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1839.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1839.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1839","reference_id":"","reference_type":"","scores":[{"value":"0.04546","scoring_system":"epss","scoring_elements":"0.89263","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04546","scoring_system":"epss","scoring_elements":"0.89284","published_at":"2026-05-14T12:55:00Z"},{"value":"0.049","scoring_system":"epss","scoring_elements":"0.89663","published_at":"2026-05-11T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93326","published_at":"2026-04-07T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93335","published_at":"2026-04-08T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.9334","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93344","published_at":"2026-04-11T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93342","published_at":"2026-04-12T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93312","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93361","published_at":"2026-04-16T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93366","published_at":"2026-04-18T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93373","published_at":"2026-04-26T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93377","published_at":"2026-04-24T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93371","published_at":"2026-04-29T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93379","published_at":"2026-05-05T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93391","published_at":"2026-05-07T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93401","published_at":"2026-05-09T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93343","published_at":"2026-04-13T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93321","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10773","scoring_system":"epss","scoring_elements":"0.93327","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1839"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=758605","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=758605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxml2/commit/?id=a820dbeac29d330bae4be05d9ecd939ad6b4aa33"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170"},{"reference_url":"https://support.apple.com/HT206564","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206564"},{"reference_url":"https://support.apple.com/HT206566","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206566"},{"reference_url":"https://support.apple.com/HT206567","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206567"},{"reference_url":"https://support.apple.com/HT206568","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206568"},{"reference_url":"https://www.debian.org/security/2016/dsa-3593","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3593"},{"reference_url":"https://www.tenable.com/security/tns-2016-18","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2016-18"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/90691","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/90691"},{"reference_url":"http://www.securitytracker.com/id/1035890","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035890"},{"reference_url":"http://www.securitytracker.com/id/1038623","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038623"},{"reference_url":"http://www.ubuntu.com/usn/USN-2994-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2994-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338703","reference_id":"1338703","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338703"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://code.google.com/p/google-security-research/issues/detail?id=637","reference_id":"CVE-2016-1839","reference_type":"exploit","scores":[],"url":"https://code.google.com/p/google-security-research/issues/detail?id=637"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39491.txt","reference_id":"CVE-2016-1839","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39491.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1839","reference_id":"CVE-2016-1839","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1839"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2016-1839"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7h3p-7ej2-17f1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7243?format=json","vulnerability_id":"VCID-9p2f-ynzb-r3gj","summary":"Vulnerabilities in libxml2\nSeveral vulnerabilities were discovered in the libxml2 library that this package gem depends on.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5312.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5312.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5312","reference_id":"","reference_type":"","scores":[{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76534","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76695","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76677","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76659","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76647","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76641","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76518","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76577","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76523","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76552","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76566","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76608","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.7662","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76617","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76575","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76582","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76603","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.77967","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01078","scoring_system":"epss","scoring_elements":"0.78012","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01481","scoring_system":"epss","scoring_elements":"0.81123","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5312"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1276693","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1276693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-5312.yml","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-5312.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5"},{"reference_url":"https://github.com/sparklemotion/nokogiri/pull/1378","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/sparklemotion/nokogiri/pull/1378"},{"reference_url":"https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"},{"reference_url":"https://support.apple.com/HT206166","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206166"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206167"},{"reference_url":"https://support.apple.com/HT206168","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206168"},{"reference_url":"https://support.apple.com/HT206169","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206169"},{"reference_url":"http://www.debian.org/security/2015/dsa-3430","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3430"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/79536","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/79536"},{"reference_url":"http://www.securitytracker.com/id/1034243","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034243"},{"reference_url":"http://www.ubuntu.com/usn/USN-2834-1","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2834-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5312","reference_id":"CVE-2015-5312","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5312"},{"reference_url":"https://github.com/advisories/GHSA-xjqg-9jvg-fgx2","reference_id":"GHSA-xjqg-9jvg-fgx2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xjqg-9jvg-fgx2"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2015-5312","GHSA-xjqg-9jvg-fgx2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9p2f-ynzb-r3gj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7463?format=json","vulnerability_id":"VCID-9q49-2srz-rkg7","summary":"Use After Free\nUse-after-free vulnerability in libxml2, as used in Google Chrome, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.","references":[{"reference_url":"http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1485.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2016-1485.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5131.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5131.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5131","reference_id":"","reference_type":"","scores":[{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.87985","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.88","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.88017","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.88014","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.88027","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.88057","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.87974","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03868","scoring_system":"epss","scoring_elements":"0.88239","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03868","scoring_system":"epss","scoring_elements":"0.88198","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03868","scoring_system":"epss","scoring_elements":"0.88217","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03868","scoring_system":"epss","scoring_elements":"0.88223","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03868","scoring_system":"epss","scoring_elements":"0.88234","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03868","scoring_system":"epss","scoring_elements":"0.88227","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03868","scoring_system":"epss","scoring_elements":"0.88226","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03868","scoring_system":"epss","scoring_elements":"0.8824","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03868","scoring_system":"epss","scoring_elements":"0.88258","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03868","scoring_system":"epss","scoring_elements":"0.88263","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03971","scoring_system":"epss","scoring_elements":"0.88338","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03971","scoring_system":"epss","scoring_elements":"0.8833","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03971","scoring_system":"epss","scoring_elements":"0.88352","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5131"},{"reference_url":"https://codereview.chromium.org/2127493002","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://codereview.chromium.org/2127493002"},{"reference_url":"https://crbug.com/623378","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://crbug.com/623378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1707"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1709","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1709"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5132","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5132"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5133","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5133"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5134","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5134"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5136","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5136"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5137"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://source.android.com/security/bulletin/2017-05-01","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://source.android.com/security/bulletin/2017-05-01"},{"reference_url":"https://support.apple.com/HT207141","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://support.apple.com/HT207141"},{"reference_url":"https://support.apple.com/HT207142","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://support.apple.com/HT207142"},{"reference_url":"https://support.apple.com/HT207143","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://support.apple.com/HT207143"},{"reference_url":"https://support.apple.com/HT207170","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://support.apple.com/HT207170"},{"reference_url":"http://www.debian.org/security/2016/dsa-3637","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://www.debian.org/security/2016/dsa-3637"},{"reference_url":"http://www.securityfocus.com/bid/92053","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://www.securityfocus.com/bid/92053"},{"reference_url":"http://www.securitytracker.com/id/1036428","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://www.securitytracker.com/id/1036428"},{"reference_url":"http://www.securitytracker.com/id/1038623","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://www.securitytracker.com/id/1038623"},{"reference_url":"http://www.ubuntu.com/usn/USN-3041-1","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"http://www.ubuntu.com/usn/USN-3041-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1358641","reference_id":"1358641","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1358641"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840554","reference_id":"840554","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840554"},{"reference_url":"https://security.archlinux.org/ASA-201611-2","reference_id":"ASA-201611-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-2"},{"reference_url":"https://security.archlinux.org/AVG-56","reference_id":"AVG-56","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-56"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5131","reference_id":"CVE-2016-5131","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5131"},{"reference_url":"https://security.gentoo.org/glsa/201610-09","reference_id":"GLSA-201610-09","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://security.gentoo.org/glsa/201610-09"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:49:18Z/"}],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1485","reference_id":"RHSA-2016:1485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1190","reference_id":"RHSA-2020:1190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1190"},{"reference_url":"https://usn.ubuntu.com/3041-1/","reference_id":"USN-3041-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3041-1/"},{"reference_url":"https://usn.ubuntu.com/3235-1/","reference_id":"USN-3235-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3235-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2016-5131"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9q49-2srz-rkg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7150?format=json","vulnerability_id":"VCID-b5tz-9s1v-pkg7","summary":"Vulnerabilities in libxml2 and libxslt\nSeveral vulnerabilities were discovered in the libxml2 and libxslt libraries that this package gem depends on.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1419.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1419.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1819.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1819.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1819","reference_id":"","reference_type":"","scores":[{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83477","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83476","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83441","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83445","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83451","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83437","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83426","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83402","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83576","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83575","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83556","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83534","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.8351","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83508","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83501","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01944","scoring_system":"epss","scoring_elements":"0.83478","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01997","scoring_system":"epss","scoring_elements":"0.83606","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01997","scoring_system":"epss","scoring_elements":"0.83579","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01997","scoring_system":"epss","scoring_elements":"0.83591","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02045","scoring_system":"epss","scoring_elements":"0.83994","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02045","scoring_system":"epss","scoring_elements":"0.84029","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-1819.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-1819.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri/commit/8f3de6d88d0da11fb62a45daa61b85ce71b4af59","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/sparklemotion/nokogiri/commit/8f3de6d88d0da11fb62a45daa61b85ce71b4af59"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1374","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1374"},{"reference_url":"https://github.com/sparklemotion/nokogiri/pull/1376","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/sparklemotion/nokogiri/pull/1376"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1819","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1819"},{"reference_url":"https://security.gentoo.org/glsa/201507-08","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201507-08"},{"reference_url":"https://support.apple.com/HT206166","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206166"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206167"},{"reference_url":"https://support.apple.com/HT206168","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206168"},{"reference_url":"https://support.apple.com/HT206169","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT206169"},{"reference_url":"http://www.debian.org/security/2015/dsa-3430","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2015/dsa-3430"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.ubuntu.com/usn/USN-2812-1","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ubuntu.com/usn/USN-2812-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1211278","reference_id":"1211278","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1211278"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782782","reference_id":"782782","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782782"},{"reference_url":"https://github.com/advisories/GHSA-q7wx-62r7-j2x7","reference_id":"GHSA-q7wx-62r7-j2x7","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q7wx-62r7-j2x7"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1419","reference_id":"RHSA-2015:1419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1419"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://usn.ubuntu.com/2812-1/","reference_id":"USN-2812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2812-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82929?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.2-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.2-r1"},{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2015-1819","GHSA-q7wx-62r7-j2x7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b5tz-9s1v-pkg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7393?format=json","vulnerability_id":"VCID-bk98-bfkg-7bdt","summary":"Use After Free\nUse-after-free vulnerability in the xmlDictComputeFastKey function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service via a crafted XML document.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1836.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1836.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1836","reference_id":"","reference_type":"","scores":[{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.7846","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78575","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78592","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78609","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78633","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78648","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78466","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78497","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.7848","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78507","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78512","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78537","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78519","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78511","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78539","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78538","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78535","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01153","scoring_system":"epss","scoring_elements":"0.78568","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79912","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01305","scoring_system":"epss","scoring_elements":"0.79949","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82916","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1836"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=759398","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=759398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxml2/commit/?id=45752d2c334b50016666d8f0ec3691e2d680f0a0"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170"},{"reference_url":"https://support.apple.com/HT206564","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206564"},{"reference_url":"https://support.apple.com/HT206566","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206566"},{"reference_url":"https://support.apple.com/HT206567","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206567"},{"reference_url":"https://support.apple.com/HT206568","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206568"},{"reference_url":"https://support.apple.com/HT206899","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206899"},{"reference_url":"https://support.apple.com/HT206901","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206901"},{"reference_url":"https://support.apple.com/HT206902","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206902"},{"reference_url":"https://support.apple.com/HT206903","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206903"},{"reference_url":"https://support.apple.com/HT206904","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206904"},{"reference_url":"https://support.apple.com/HT206905","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206905"},{"reference_url":"https://www.debian.org/security/2016/dsa-3593","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3593"},{"reference_url":"https://www.tenable.com/security/tns-2016-18","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2016-18"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/90691","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/90691"},{"reference_url":"http://www.securitytracker.com/id/1035890","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035890"},{"reference_url":"http://www.ubuntu.com/usn/USN-2994-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2994-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338702","reference_id":"1338702","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338702"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1836","reference_id":"CVE-2016-1836","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1836"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2016-1836"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bk98-bfkg-7bdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7391?format=json","vulnerability_id":"VCID-bp8r-8jjt-hygw","summary":"Improper Input Validation\nThe (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 do not properly keep track of the recursion depth, which allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a crafted XML document containing a large number of nested entity references.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3705.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3705.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3705","reference_id":"","reference_type":"","scores":[{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75547","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77402","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77446","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77455","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77481","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77505","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77311","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77339","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.7732","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.7735","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77359","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77386","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77365","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77362","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77304","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77401","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77393","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77427","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01034","scoring_system":"epss","scoring_elements":"0.77434","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77641","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0145","scoring_system":"epss","scoring_elements":"0.8091","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3705"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=765207","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=765207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"http://seclists.org/fulldisclosure/2016/May/10","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2016/May/10"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170"},{"reference_url":"https://www.debian.org/security/2016/dsa-3593","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3593"},{"reference_url":"https://www.tenable.com/security/tns-2016-18","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2016-18"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/89854","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/89854"},{"reference_url":"http://www.ubuntu.com/usn/USN-2994-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2994-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1332443","reference_id":"1332443","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1332443"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823414","reference_id":"823414","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823414"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-3705","reference_id":"CVE-2016-3705","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-3705"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2016-3705"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bp8r-8jjt-hygw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7510?format=json","vulnerability_id":"VCID-ecde-c15q-ukh1","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nxpointer.c in libxml2 (as used in Apple iOS, OS X, tvOS, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4658.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4658.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4658","reference_id":"","reference_type":"","scores":[{"value":"0.11265","scoring_system":"epss","scoring_elements":"0.93587","published_at":"2026-05-12T12:55:00Z"},{"value":"0.11265","scoring_system":"epss","scoring_elements":"0.936","published_at":"2026-05-14T12:55:00Z"},{"value":"0.15391","scoring_system":"epss","scoring_elements":"0.94697","published_at":"2026-05-11T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95113","published_at":"2026-04-11T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95107","published_at":"2026-04-09T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95115","published_at":"2026-04-12T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95096","published_at":"2026-04-07T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95158","published_at":"2026-05-09T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95149","published_at":"2026-05-07T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95143","published_at":"2026-05-05T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95132","published_at":"2026-04-29T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95131","published_at":"2026-04-26T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.9513","published_at":"2026-04-24T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95128","published_at":"2026-04-18T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95125","published_at":"2026-04-16T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.17714","scoring_system":"epss","scoring_elements":"0.95103","published_at":"2026-04-08T12:55:00Z"},{"value":"0.18099","scoring_system":"epss","scoring_elements":"0.95154","published_at":"2026-04-02T12:55:00Z"},{"value":"0.18099","scoring_system":"epss","scoring_elements":"0.95143","published_at":"2026-04-01T12:55:00Z"},{"value":"0.18099","scoring_system":"epss","scoring_elements":"0.95156","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5131"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1615","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1615"},{"reference_url":"https://support.apple.com/HT207141","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT207141"},{"reference_url":"https://support.apple.com/HT207142","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT207142"},{"reference_url":"https://support.apple.com/HT207143","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT207143"},{"reference_url":"https://support.apple.com/HT207170","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://support.apple.com/HT207170"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1384424","reference_id":"1384424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1384424"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553","reference_id":"840553","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840553"},{"reference_url":"https://security.archlinux.org/ASA-201611-2","reference_id":"ASA-201611-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-2"},{"reference_url":"https://security.archlinux.org/AVG-56","reference_id":"AVG-56","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-56"},{"reference_url":"http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4448.html","reference_id":"CVE-2016-4448.HTML","reference_type":"","scores":[],"url":"http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4448.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4658","reference_id":"CVE-2016-4658","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4658"},{"reference_url":"http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html","reference_id":"CVE-2016-4658.HTML","reference_type":"","scores":[],"url":"http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html"},{"reference_url":"http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html","reference_id":"CVE-2016-5131.HTML","reference_type":"","scores":[],"url":"http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html"},{"reference_url":"https://github.com/advisories/GHSA-fr52-4hqw-p27f","reference_id":"GHSA-fr52-4hqw-p27f","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fr52-4hqw-p27f"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3810","reference_id":"RHSA-2021:3810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3810"},{"reference_url":"https://usn.ubuntu.com/3235-1/","reference_id":"USN-3235-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3235-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2016-4658","GHSA-fr52-4hqw-p27f"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ecde-c15q-ukh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7238?format=json","vulnerability_id":"VCID-ghaf-ynsg-uuea","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8242.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8242.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8242","reference_id":"","reference_type":"","scores":[{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.76817","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01154","scoring_system":"epss","scoring_elements":"0.78672","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.8018","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80169","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80197","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80205","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80225","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80211","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80206","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80153","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80236","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80239","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80265","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80272","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80288","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80304","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80326","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80342","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.80234","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01368","scoring_system":"epss","scoring_elements":"0.8016","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01503","scoring_system":"epss","scoring_elements":"0.81274","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8242"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=756372","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=756372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxml2/commit/?id=8fb4a770075628d6441fb17a1e435100e2f3b1a2"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"},{"reference_url":"https://support.apple.com/HT206166","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206166"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206167"},{"reference_url":"https://support.apple.com/HT206168","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206168"},{"reference_url":"https://support.apple.com/HT206169","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206169"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/11/17/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/11/17/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/11/18/23","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/11/18/23"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/77681","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/77681"},{"reference_url":"http://www.securitytracker.com/id/1034243","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034243"},{"reference_url":"http://www.ubuntu.com/usn/USN-2834-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2834-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281950","reference_id":"1281950","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281950"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805146","reference_id":"805146","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805146"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8242","reference_id":"CVE-2015-8242","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8242"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2015-8242"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ghaf-ynsg-uuea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7250?format=json","vulnerability_id":"VCID-gxsm-qvkt-gygy","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7498.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7498.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7498","reference_id":"","reference_type":"","scores":[{"value":"0.01161","scoring_system":"epss","scoring_elements":"0.78784","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01836","scoring_system":"epss","scoring_elements":"0.83086","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02383","scoring_system":"epss","scoring_elements":"0.85112","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87118","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87139","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87146","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87159","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87153","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87149","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87097","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.8717","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87184","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.8719","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.8721","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87226","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87245","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87165","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87108","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03265","scoring_system":"epss","scoring_elements":"0.87125","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"},{"reference_url":"http://www.debian.org/security/2015/dsa-3430","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3430"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/79548","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/79548"},{"reference_url":"http://www.securitytracker.com/id/1034243","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034243"},{"reference_url":"http://www.ubuntu.com/usn/USN-2834-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2834-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281879","reference_id":"1281879","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1281879"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7498","reference_id":"CVE-2015-7498","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7498"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2834-1/","reference_id":"USN-2834-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2834-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2015-7498"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxsm-qvkt-gygy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7876?format=json","vulnerability_id":"VCID-s3j9-1zq5-zkf5","summary":"Deserialization of Untrusted Data\nThe xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4483.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4483.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4483","reference_id":"","reference_type":"","scores":[{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79677","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79626","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79639","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.7944","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79447","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79471","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79458","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79486","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79494","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79516","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79499","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.7949","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.7952","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79518","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79522","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79554","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.7956","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79575","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79591","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.79612","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0127","scoring_system":"epss","scoring_elements":"0.7963","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4483"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=c97750d11bb8b6f3303e7131fe526a61ac65bcfd","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxml2/commit/?id=c97750d11bb8b6f3303e7131fe526a61ac65bcfd"},{"reference_url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://www.tenable.com/security/tns-2016-18","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2016-18"},{"reference_url":"http://www.debian.org/security/2016/dsa-3593","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3593"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/05/03/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/05/03/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/05/04/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/05/04/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/06/07/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/06/07/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/06/07/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/06/07/5"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"},{"reference_url":"http://www.securityfocus.com/bid/90013","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/90013"},{"reference_url":"http://www.securitytracker.com/id/1036348","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036348"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1332820","reference_id":"1332820","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1332820"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823405","reference_id":"823405","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823405"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4483","reference_id":"CVE-2016-4483","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4483"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2016-4483"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s3j9-1zq5-zkf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7285?format=json","vulnerability_id":"VCID-tyk2-gq2c-bbcn","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a crafted XML document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2073.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2073.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2073","reference_id":"","reference_type":"","scores":[{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.79831","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80002","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80017","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.80013","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.8003","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.79839","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.7986","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.79848","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.79876","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.79884","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.79905","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.79887","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.7988","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.79909","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.7991","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.79913","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.79941","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.79948","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.79965","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01321","scoring_system":"epss","scoring_elements":"0.7998","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81351","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2016/dsa-3593","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3593"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/25/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/25/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/26/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/26/7"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"},{"reference_url":"http://www.securityfocus.com/bid/85267","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/85267"},{"reference_url":"http://www.securitytracker.com/id/1035011","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035011"},{"reference_url":"http://www.ubuntu.com/usn/USN-2994-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2994-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301928","reference_id":"1301928","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301928"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812807","reference_id":"812807","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812807"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2073","reference_id":"CVE-2016-2073","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2073"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2016-2073"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tyk2-gq2c-bbcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7399?format=json","vulnerability_id":"VCID-vcq9-93xd-nfbe","summary":"Out-of-bounds Read\nThe xmlPArserPrintFileContextInternal function in libxml2, as used in Apple iOS, OS X, tvOS, and watchOS, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00003.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1838.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1838.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1838","reference_id":"","reference_type":"","scores":[{"value":"0.03485","scoring_system":"epss","scoring_elements":"0.87669","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03485","scoring_system":"epss","scoring_elements":"0.87702","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04658","scoring_system":"epss","scoring_elements":"0.89388","published_at":"2026-05-11T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93285","published_at":"2026-04-07T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93294","published_at":"2026-04-08T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93298","published_at":"2026-04-09T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93303","published_at":"2026-04-11T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93301","published_at":"2026-04-12T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93302","published_at":"2026-04-13T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93272","published_at":"2026-04-01T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93325","published_at":"2026-04-18T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93332","published_at":"2026-04-21T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93336","published_at":"2026-04-24T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93333","published_at":"2026-04-26T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93331","published_at":"2026-04-29T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93338","published_at":"2026-05-05T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93351","published_at":"2026-05-07T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.9336","published_at":"2026-05-09T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.9332","published_at":"2026-04-16T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93281","published_at":"2026-04-02T12:55:00Z"},{"value":"0.1065","scoring_system":"epss","scoring_elements":"0.93287","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1838"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=639","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=639"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=758588","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=758588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"https://git.gnome.org/browse/libxml2/commit/?id=db07dd613e461df93dde7902c6505629bf0734e9","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/libxml2/commit/?id=db07dd613e461df93dde7902c6505629bf0734e9"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170"},{"reference_url":"https://support.apple.com/HT206564","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206564"},{"reference_url":"https://support.apple.com/HT206566","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206566"},{"reference_url":"https://support.apple.com/HT206567","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206567"},{"reference_url":"https://support.apple.com/HT206568","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206568"},{"reference_url":"https://www.debian.org/security/2016/dsa-3593","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2016/dsa-3593"},{"reference_url":"https://www.tenable.com/security/tns-2016-18","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/tns-2016-18"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/90691","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/90691"},{"reference_url":"http://www.securitytracker.com/id/1035890","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035890"},{"reference_url":"http://www.ubuntu.com/usn/USN-2994-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2994-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338705","reference_id":"1338705","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1338705"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://code.google.com/p/google-security-research/issues/detail?id=639","reference_id":"CVE-2016-1838","reference_type":"exploit","scores":[],"url":"https://code.google.com/p/google-security-research/issues/detail?id=639"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39493.txt","reference_id":"CVE-2016-1838","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/39493.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1838","reference_id":"CVE-2016-1838","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1838"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2016-1838"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vcq9-93xd-nfbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7204?format=json","vulnerability_id":"VCID-wtxh-xxp2-d3hr","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nThe xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted XML data, a different vulnerability than CVE-2015-7941.","references":[{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=145382616617563&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2549.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2550.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1089.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7942.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7942.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7942","reference_id":"","reference_type":"","scores":[{"value":"0.01012","scoring_system":"epss","scoring_elements":"0.77319","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01201","scoring_system":"epss","scoring_elements":"0.79065","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80792","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80819","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80827","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80844","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80829","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80821","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80858","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80765","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80863","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80885","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80891","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80903","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80919","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.8094","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80962","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80861","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01457","scoring_system":"epss","scoring_elements":"0.80774","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82088","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7942"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=744980#c8","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=744980#c8"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=756456","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=756456"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7942"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8241"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"},{"reference_url":"https://support.apple.com/HT206166","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206166"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206167"},{"reference_url":"https://support.apple.com/HT206168","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206168"},{"reference_url":"https://support.apple.com/HT206169","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206169"},{"reference_url":"http://www.debian.org/security/2015/dsa-3430","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3430"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/10/22/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/10/22/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/10/22/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/10/22/8"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/79507","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/79507"},{"reference_url":"http://www.securitytracker.com/id/1034243","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034243"},{"reference_url":"http://www.ubuntu.com/usn/USN-2812-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2812-1"},{"reference_url":"http://xmlsoft.org/news.html","reference_id":"","reference_type":"","scores":[],"url":"http://xmlsoft.org/news.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1276297","reference_id":"1276297","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1276297"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802827","reference_id":"802827","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802827"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7942","reference_id":"CVE-2015-7942","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7942"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2549","reference_id":"RHSA-2015:2549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2550","reference_id":"RHSA-2015:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1089","reference_id":"RHSA-2016:1089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1089"},{"reference_url":"https://usn.ubuntu.com/2812-1/","reference_id":"USN-2812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2812-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2015-7942"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wtxh-xxp2-d3hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7387?format=json","vulnerability_id":"VCID-wy5v-dsp3-a7aa","summary":"Improper Input Validation\nThe xmlStringGetNodeList function in tree.c in libxml2, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00055.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00127.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2016-2957.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3627.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3627.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3627","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24758","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27674","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2769","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36989","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37239","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36852","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36787","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36905","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37331","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.3732","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37308","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37257","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37429","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37405","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36872","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37021","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37245","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37299","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37316","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.3727","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37298","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1762"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2073"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4483"},{"reference_url":"http://seclists.org/fulldisclosure/2016/May/10","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://seclists.org/fulldisclosure/2016/May/10"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157239"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10170"},{"reference_url":"https://www.debian.org/security/2016/dsa-3593","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"https://www.debian.org/security/2016/dsa-3593"},{"reference_url":"https://www.tenable.com/security/tns-2016-18","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"https://www.tenable.com/security/tns-2016-18"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/03/21/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2016/03/21/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/03/21/3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.openwall.com/lists/oss-security/2016/03/21/3"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/84992","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.securityfocus.com/bid/84992"},{"reference_url":"http://www.securitytracker.com/id/1035335","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.securitytracker.com/id/1035335"},{"reference_url":"http://www.ubuntu.com/usn/USN-2994-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"http://www.ubuntu.com/usn/USN-2994-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1319829","reference_id":"1319829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1319829"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819006","reference_id":"819006","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819006"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.3:*:*:*:*:*:x86:*","reference_id":"cpe:2.3:a:oracle:vm_server:3.3:*:*:*:*:*:x86:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.3:*:*:*:*:*:x86:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.4:*:*:*:*:*:x86:*","reference_id":"cpe:2.3:a:oracle:vm_server:3.4:*:*:*:*:*:x86:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.4:*:*:*:*:*:x86:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-3627","reference_id":"CVE-2016-3627","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-3627"},{"reference_url":"https://security.gentoo.org/glsa/201701-37","reference_id":"GLSA-201701-37","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"https://security.gentoo.org/glsa/201701-37"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1292","reference_id":"RHSA-2016:1292","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-04T15:39:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2016:1292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2957","reference_id":"RHSA-2016:2957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2957"},{"reference_url":"https://usn.ubuntu.com/2994-1/","reference_id":"USN-2994-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2994-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/73624?format=json","purl":"pkg:ebuild/dev-libs/libxml2@2.9.4-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}],"aliases":["CVE-2016-3627"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wy5v-dsp3-a7aa"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxml2@2.9.4-r1"}