Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie

Type deb

Namespace debian

Name libxml2

Version 2.9.14+dfsg-1.3~deb12u2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.9.14+dfsg-1.3~deb12u3

Latest_non_vulnerable_version 2.15.2+dfsg-0.1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-31w8-13b6-8beh

vulnerability_id VCID-31w8-13b6-8beh

summary libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24928.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24928.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-24928

reference_id

reference_type

scores

value	0.00235
scoring_system	epss
scoring_elements	0.46331
published_at	2026-04-02T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46418
published_at	2026-04-16T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46355
published_at	2026-04-08T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46356
published_at	2026-04-09T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46379
published_at	2026-04-11T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46351
published_at	2026-04-12T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46361
published_at	2026-04-13T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.46352
published_at	2026-04-04T12:55:00Z

value	0.00235
scoring_system	epss
scoring_elements	0.463
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-24928

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24928

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098321
reference_id	1098321
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098321

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2346421
reference_id	2346421
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2346421

reference_url

https://issues.oss-fuzz.com/issues/392687022

reference_id

392687022

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T03:55:31Z/

url

https://issues.oss-fuzz.com/issues/392687022

reference_url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/847

reference_id

847

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-23T03:55:31Z/

url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/847

reference_url	https://access.redhat.com/errata/RHSA-2025:2482
reference_id	RHSA-2025:2482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2482

reference_url	https://access.redhat.com/errata/RHSA-2025:2483
reference_id	RHSA-2025:2483
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2483

reference_url	https://access.redhat.com/errata/RHSA-2025:2507
reference_id	RHSA-2025:2507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2507

reference_url	https://access.redhat.com/errata/RHSA-2025:2513
reference_id	RHSA-2025:2513
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2513

reference_url	https://access.redhat.com/errata/RHSA-2025:2654
reference_id	RHSA-2025:2654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2654

reference_url	https://access.redhat.com/errata/RHSA-2025:2660
reference_id	RHSA-2025:2660
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2660

reference_url	https://access.redhat.com/errata/RHSA-2025:2673
reference_id	RHSA-2025:2673
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2673

reference_url	https://access.redhat.com/errata/RHSA-2025:2678
reference_id	RHSA-2025:2678
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2678

reference_url	https://access.redhat.com/errata/RHSA-2025:2679
reference_id	RHSA-2025:2679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2679

reference_url	https://access.redhat.com/errata/RHSA-2025:2686
reference_id	RHSA-2025:2686
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2686

reference_url	https://access.redhat.com/errata/RHSA-2025:2789
reference_id	RHSA-2025:2789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2789

reference_url	https://access.redhat.com/errata/RHSA-2025:3055
reference_id	RHSA-2025:3055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3055

reference_url	https://access.redhat.com/errata/RHSA-2025:3368
reference_id	RHSA-2025:3368
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3368

reference_url	https://access.redhat.com/errata/RHSA-2025:3397
reference_id	RHSA-2025:3397
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3397

reference_url	https://access.redhat.com/errata/RHSA-2025:3453
reference_id	RHSA-2025:3453
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3453

reference_url	https://access.redhat.com/errata/RHSA-2025:3569
reference_id	RHSA-2025:3569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3569

reference_url	https://access.redhat.com/errata/RHSA-2025:3775
reference_id	RHSA-2025:3775
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3775

reference_url	https://access.redhat.com/errata/RHSA-2025:3780
reference_id	RHSA-2025:3780
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3780

reference_url	https://access.redhat.com/errata/RHSA-2025:3867
reference_id	RHSA-2025:3867
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3867

reference_url	https://access.redhat.com/errata/RHSA-2025:4005
reference_id	RHSA-2025:4005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4005

reference_url	https://access.redhat.com/errata/RHSA-2025:9895
reference_id	RHSA-2025:9895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9895

reference_url	https://usn.ubuntu.com/7302-1/
reference_id	USN-7302-1
reference_type
scores
url	https://usn.ubuntu.com/7302-1/

fixed_packages

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u6%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u2%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-0.4?distro=trixie
purl	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-0.4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-0.4%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

aliases CVE-2025-24928

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-31w8-13b6-8beh

url VCID-8d2w-3c3p-zqaz

vulnerability_id VCID-8d2w-3c3p-zqaz

summary libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34459.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-34459.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-34459

reference_id

reference_type

scores

value	0.0078
scoring_system	epss
scoring_elements	0.7372
published_at	2026-04-16T12:55:00Z

value	0.0078
scoring_system	epss
scoring_elements	0.73635
published_at	2026-04-02T12:55:00Z

value	0.0078
scoring_system	epss
scoring_elements	0.73659
published_at	2026-04-04T12:55:00Z

value	0.0078
scoring_system	epss
scoring_elements	0.73632
published_at	2026-04-07T12:55:00Z

value	0.0078
scoring_system	epss
scoring_elements	0.73667
published_at	2026-04-08T12:55:00Z

value	0.0078
scoring_system	epss
scoring_elements	0.7368
published_at	2026-04-09T12:55:00Z

value	0.0078
scoring_system	epss
scoring_elements	0.73702
published_at	2026-04-11T12:55:00Z

value	0.0078
scoring_system	epss
scoring_elements	0.73685
published_at	2026-04-12T12:55:00Z

value	0.0078
scoring_system	epss
scoring_elements	0.73676
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-34459

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34459

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071162
reference_id	1071162
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071162

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2280532
reference_id	2280532
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2280532

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/

reference_id

5HVUXKYTBWT3G5DEEQX62STJQBY367NL

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/

reference_id

INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/

reference_url	https://usn.ubuntu.com/7240-1/
reference_id	USN-7240-1
reference_type
scores
url	https://usn.ubuntu.com/7240-1/

reference_url	https://usn.ubuntu.com/7302-1/
reference_id	USN-7302-1
reference_type
scores
url	https://usn.ubuntu.com/7302-1/

reference_url

https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8

reference_id

v2.11.8

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/

url

https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8

reference_url

https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7

reference_id

v2.12.7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/

url

https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/

reference_id

VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-22T17:18:58Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/

fixed_packages

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u8?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u8%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u2%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-0.4?distro=trixie
purl	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-0.4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-0.4%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

aliases CVE-2024-34459

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8d2w-3c3p-zqaz

url VCID-aasn-u7fd-8bhy

vulnerability_id VCID-aasn-u7fd-8bhy

summary

Improper Restriction of Operations within the Bounds of a Memory Buffer
Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39615.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39615.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-39615

reference_id

reference_type

scores

value	0.00117
scoring_system	epss
scoring_elements	0.30629
published_at	2026-04-16T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30649
published_at	2026-04-12T12:55:00Z

value	0.00117
scoring_system	epss
scoring_elements	0.30604
published_at	2026-04-13T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32184
published_at	2026-04-09T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32187
published_at	2026-04-11T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34276
published_at	2026-04-04T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34244
published_at	2026-04-02T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36251
published_at	2026-04-07T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.363
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-39615

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39615
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39615

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/535

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:25:30Z/

url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/535

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051230
reference_id	1051230
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051230

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2235864
reference_id	2235864
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2235864

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-39615
reference_id	CVE-2023-39615
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-39615

reference_url	https://access.redhat.com/errata/RHSA-2023:7544
reference_id	RHSA-2023:7544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7544

reference_url	https://access.redhat.com/errata/RHSA-2023:7626
reference_id	RHSA-2023:7626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7626

reference_url	https://access.redhat.com/errata/RHSA-2023:7747
reference_id	RHSA-2023:7747
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7747

reference_url	https://access.redhat.com/errata/RHSA-2024:0119
reference_id	RHSA-2024:0119
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0119

reference_url	https://access.redhat.com/errata/RHSA-2024:0413
reference_id	RHSA-2024:0413
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0413

reference_url	https://access.redhat.com/errata/RHSA-2024:1317
reference_id	RHSA-2024:1317
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1317

reference_url	https://access.redhat.com/errata/RHSA-2024:1383
reference_id	RHSA-2024:1383
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1383

reference_url	https://access.redhat.com/errata/RHSA-2024:1477
reference_id	RHSA-2024:1477
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1477

fixed_packages

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u6%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u2%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-1?distro=trixie
purl	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-1%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

aliases CVE-2023-39615

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aasn-u7fd-8bhy

url VCID-c9ds-faa9-t7be

vulnerability_id VCID-c9ds-faa9-t7be

summary libxml2: Use-After-Free in libxml2

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56171.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56171.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-56171

reference_id

reference_type

scores

value	0.00183
scoring_system	epss
scoring_elements	0.40048
published_at	2026-04-16T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40054
published_at	2026-04-11T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40017
published_at	2026-04-12T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.39997
published_at	2026-04-13T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40029
published_at	2026-04-02T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40055
published_at	2026-04-04T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.39977
published_at	2026-04-07T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.4003
published_at	2026-04-08T12:55:00Z

value	0.00183
scoring_system	epss
scoring_elements	0.40044
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-56171

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56171

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098320
reference_id	1098320
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098320

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2346416
reference_id	2346416
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2346416

reference_url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/828

reference_id

828

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T16:26:31Z/

url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/828

reference_url	https://access.redhat.com/errata/RHSA-2025:2482
reference_id	RHSA-2025:2482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2482

reference_url	https://access.redhat.com/errata/RHSA-2025:2483
reference_id	RHSA-2025:2483
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2483

reference_url	https://access.redhat.com/errata/RHSA-2025:2507
reference_id	RHSA-2025:2507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2507

reference_url	https://access.redhat.com/errata/RHSA-2025:2513
reference_id	RHSA-2025:2513
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2513

reference_url	https://access.redhat.com/errata/RHSA-2025:2654
reference_id	RHSA-2025:2654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2654

reference_url	https://access.redhat.com/errata/RHSA-2025:2660
reference_id	RHSA-2025:2660
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2660

reference_url	https://access.redhat.com/errata/RHSA-2025:2673
reference_id	RHSA-2025:2673
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2673

reference_url	https://access.redhat.com/errata/RHSA-2025:2678
reference_id	RHSA-2025:2678
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2678

reference_url	https://access.redhat.com/errata/RHSA-2025:2679
reference_id	RHSA-2025:2679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2679

reference_url	https://access.redhat.com/errata/RHSA-2025:2686
reference_id	RHSA-2025:2686
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2686

reference_url	https://access.redhat.com/errata/RHSA-2025:2789
reference_id	RHSA-2025:2789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2789

reference_url	https://access.redhat.com/errata/RHSA-2025:3055
reference_id	RHSA-2025:3055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3055

reference_url	https://access.redhat.com/errata/RHSA-2025:3059
reference_id	RHSA-2025:3059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3059

reference_url	https://access.redhat.com/errata/RHSA-2025:3066
reference_id	RHSA-2025:3066
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3066

reference_url	https://access.redhat.com/errata/RHSA-2025:3368
reference_id	RHSA-2025:3368
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3368

reference_url	https://access.redhat.com/errata/RHSA-2025:3397
reference_id	RHSA-2025:3397
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3397

reference_url	https://access.redhat.com/errata/RHSA-2025:3453
reference_id	RHSA-2025:3453
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3453

reference_url	https://access.redhat.com/errata/RHSA-2025:3569
reference_id	RHSA-2025:3569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3569

reference_url	https://access.redhat.com/errata/RHSA-2025:3867
reference_id	RHSA-2025:3867
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3867

reference_url	https://access.redhat.com/errata/RHSA-2025:4005
reference_id	RHSA-2025:4005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4005

reference_url	https://access.redhat.com/errata/RHSA-2025:9895
reference_id	RHSA-2025:9895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9895

reference_url	https://usn.ubuntu.com/7302-1/
reference_id	USN-7302-1
reference_type
scores
url	https://usn.ubuntu.com/7302-1/

fixed_packages

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u6%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u2%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-0.4?distro=trixie
purl	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-0.4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-0.4%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

aliases CVE-2024-56171

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c9ds-faa9-t7be

url VCID-d68t-f8j1-h3am

vulnerability_id VCID-d68t-f8j1-h3am

summary

Use After Free
When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25062.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25062.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-25062

reference_id

reference_type

scores

value	0.00165
scoring_system	epss
scoring_elements	0.37591
published_at	2026-04-16T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37581
published_at	2026-04-08T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37594
published_at	2026-04-09T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37608
published_at	2026-04-11T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37574
published_at	2026-04-12T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37547
published_at	2026-04-13T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37627
published_at	2026-04-02T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37651
published_at	2026-04-04T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37529
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-25062

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25062

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/604

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T17:35:33Z/

url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/604

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063234
reference_id	1063234
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063234

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2262726
reference_id	2262726
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2262726

reference_url	https://security.gentoo.org/glsa/202402-11
reference_id	GLSA-202402-11
reference_type
scores
url	https://security.gentoo.org/glsa/202402-11

reference_url	https://access.redhat.com/errata/RHSA-2024:1317
reference_id	RHSA-2024:1317
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1317

reference_url	https://access.redhat.com/errata/RHSA-2024:2679
reference_id	RHSA-2024:2679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2679

reference_url	https://access.redhat.com/errata/RHSA-2024:3299
reference_id	RHSA-2024:3299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3299

reference_url	https://access.redhat.com/errata/RHSA-2024:3303
reference_id	RHSA-2024:3303
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3303

reference_url	https://access.redhat.com/errata/RHSA-2024:3625
reference_id	RHSA-2024:3625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3625

reference_url	https://access.redhat.com/errata/RHSA-2024:3626
reference_id	RHSA-2024:3626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3626

reference_url

https://gitlab.gnome.org/GNOME/libxml2/-/tags

reference_id

tags

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T17:35:33Z/

url

https://gitlab.gnome.org/GNOME/libxml2/-/tags

reference_url	https://usn.ubuntu.com/6658-1/
reference_id	USN-6658-1
reference_type
scores
url	https://usn.ubuntu.com/6658-1/

reference_url	https://usn.ubuntu.com/6658-2/
reference_id	USN-6658-2
reference_type
scores
url	https://usn.ubuntu.com/6658-2/

fixed_packages

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u6%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u2%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-1?distro=trixie
purl	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-1%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

aliases CVE-2024-25062

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d68t-f8j1-h3am

url VCID-drkd-yykc-ayge

vulnerability_id VCID-drkd-yykc-ayge

summary libxml2: Out-of-Bounds Read in libxml2

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32414.json

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32414.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-32414

reference_id

reference_type

scores

value	0.00178
scoring_system	epss
scoring_elements	0.3946
published_at	2026-04-02T12:55:00Z

value	0.00178
scoring_system	epss
scoring_elements	0.39476
published_at	2026-04-16T12:55:00Z

value	0.00178
scoring_system	epss
scoring_elements	0.39479
published_at	2026-04-11T12:55:00Z

value	0.00178
scoring_system	epss
scoring_elements	0.39441
published_at	2026-04-12T12:55:00Z

value	0.00178
scoring_system	epss
scoring_elements	0.39424
published_at	2026-04-13T12:55:00Z

value	0.00178
scoring_system	epss
scoring_elements	0.39483
published_at	2026-04-04T12:55:00Z

value	0.00178
scoring_system	epss
scoring_elements	0.39397
published_at	2026-04-07T12:55:00Z

value	0.00178
scoring_system	epss
scoring_elements	0.39453
published_at	2026-04-08T12:55:00Z

value	0.00178
scoring_system	epss
scoring_elements	0.39468
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-32414

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32414

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102521
reference_id	1102521
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102521

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2358121
reference_id	2358121
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2358121

reference_url	https://access.redhat.com/errata/RHSA-2025:12098
reference_id	RHSA-2025:12098
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:12098

reference_url	https://access.redhat.com/errata/RHSA-2025:12237
reference_id	RHSA-2025:12237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:12237

reference_url	https://access.redhat.com/errata/RHSA-2025:12239
reference_id	RHSA-2025:12239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:12239

reference_url	https://access.redhat.com/errata/RHSA-2025:12240
reference_id	RHSA-2025:12240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:12240

reference_url	https://access.redhat.com/errata/RHSA-2025:12241
reference_id	RHSA-2025:12241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:12241

reference_url	https://access.redhat.com/errata/RHSA-2025:13428
reference_id	RHSA-2025:13428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13428

reference_url	https://access.redhat.com/errata/RHSA-2025:13429
reference_id	RHSA-2025:13429
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13429

reference_url	https://access.redhat.com/errata/RHSA-2025:13677
reference_id	RHSA-2025:13677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13677

reference_url	https://access.redhat.com/errata/RHSA-2025:13681
reference_id	RHSA-2025:13681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13681

reference_url	https://access.redhat.com/errata/RHSA-2025:13683
reference_id	RHSA-2025:13683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13683

reference_url	https://access.redhat.com/errata/RHSA-2025:13684
reference_id	RHSA-2025:13684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13684

reference_url	https://access.redhat.com/errata/RHSA-2025:14059
reference_id	RHSA-2025:14059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14059

reference_url	https://access.redhat.com/errata/RHSA-2025:14644
reference_id	RHSA-2025:14644
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14644

reference_url	https://access.redhat.com/errata/RHSA-2025:14818
reference_id	RHSA-2025:14818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14818

reference_url	https://access.redhat.com/errata/RHSA-2025:14819
reference_id	RHSA-2025:14819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14819

reference_url	https://access.redhat.com/errata/RHSA-2025:14853
reference_id	RHSA-2025:14853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14853

reference_url	https://access.redhat.com/errata/RHSA-2025:14858
reference_id	RHSA-2025:14858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14858

reference_url	https://access.redhat.com/errata/RHSA-2025:15308
reference_id	RHSA-2025:15308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15308

reference_url	https://access.redhat.com/errata/RHSA-2025:15672
reference_id	RHSA-2025:15672
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15672

reference_url	https://access.redhat.com/errata/RHSA-2025:16159
reference_id	RHSA-2025:16159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:16159

reference_url	https://access.redhat.com/errata/RHSA-2025:22529
reference_id	RHSA-2025:22529
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22529

reference_url	https://access.redhat.com/errata/RHSA-2025:8958
reference_id	RHSA-2025:8958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8958

reference_url	https://usn.ubuntu.com/7467-1/
reference_id	USN-7467-1
reference_type
scores
url	https://usn.ubuntu.com/7467-1/

reference_url	https://usn.ubuntu.com/7467-2/
reference_id	USN-7467-2
reference_type
scores
url	https://usn.ubuntu.com/7467-2/

reference_url	https://usn.ubuntu.com/7896-1/
reference_id	USN-7896-1
reference_type
scores
url	https://usn.ubuntu.com/7896-1/

fixed_packages

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u7?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u7%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u2%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-1?distro=trixie
purl	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-1%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

aliases CVE-2025-32414

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-drkd-yykc-ayge

url VCID-hafa-bcpu-8uaj

vulnerability_id VCID-hafa-bcpu-8uaj

summary libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27113.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27113.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27113

reference_id

reference_type

scores

value	0.00094
scoring_system	epss
scoring_elements	0.26313
published_at	2026-04-02T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.2615
published_at	2026-04-16T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26249
published_at	2026-04-11T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26204
published_at	2026-04-12T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26146
published_at	2026-04-13T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26354
published_at	2026-04-04T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26127
published_at	2026-04-07T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26194
published_at	2026-04-08T12:55:00Z

value	0.00094
scoring_system	epss
scoring_elements	0.26242
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27113

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27113
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27113

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098322
reference_id	1098322
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098322

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2346410
reference_id	2346410
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2346410

reference_url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/861

reference_id

861

reference_type

scores

value	2.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-19T15:33:43Z/

url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/861

reference_url	https://usn.ubuntu.com/7302-1/
reference_id	USN-7302-1
reference_type
scores
url	https://usn.ubuntu.com/7302-1/

fixed_packages

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u6%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u2%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-0.4?distro=trixie
purl	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-0.4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-0.4%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

aliases CVE-2025-27113

risk_score 1.4

exploitability 0.5

weighted_severity 2.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hafa-bcpu-8uaj

url VCID-pdv9-xrh8-d3fz

vulnerability_id VCID-pdv9-xrh8-d3fz

summary

Use After Free
This advisory has been marked as False Positive and removed.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45322.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45322.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-45322

reference_id

reference_type

scores

value	0.00076
scoring_system	epss
scoring_elements	0.22953
published_at	2026-04-02T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22857
published_at	2026-04-16T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22916
published_at	2026-04-09T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22937
published_at	2026-04-11T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.229
published_at	2026-04-12T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22843
published_at	2026-04-13T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22997
published_at	2026-04-04T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22789
published_at	2026-04-07T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22864
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-45322

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45322

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/344

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T18:12:15Z/

url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/344

reference_url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/583

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T18:12:15Z/

url

https://gitlab.gnome.org/GNOME/libxml2/-/issues/583

reference_url

http://www.openwall.com/lists/oss-security/2023/10/06/5

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-19T18:12:15Z/

url

http://www.openwall.com/lists/oss-security/2023/10/06/5

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053629
reference_id	1053629
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053629

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2242945
reference_id	2242945
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2242945

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2023-45322
reference_id	CVE-2023-45322
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2023-45322

reference_url	https://security.gentoo.org/glsa/202402-11
reference_id	GLSA-202402-11
reference_type
scores
url	https://security.gentoo.org/glsa/202402-11

fixed_packages

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u6%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u2%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-1?distro=trixie
purl	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-1%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

aliases CVE-2023-45322

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pdv9-xrh8-d3fz

url VCID-qh44-gavt-rbdw

vulnerability_id VCID-qh44-gavt-rbdw

summary libxml: use-after-free in xmlXIncludeAddNode

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49043.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-49043.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-49043

reference_id

reference_type

scores

value	0.00222
scoring_system	epss
scoring_elements	0.448
published_at	2026-04-02T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44857
published_at	2026-04-16T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44813
published_at	2026-04-08T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44816
published_at	2026-04-09T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44832
published_at	2026-04-11T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44802
published_at	2026-04-12T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44803
published_at	2026-04-13T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44821
published_at	2026-04-04T12:55:00Z

value	0.00222
scoring_system	epss
scoring_elements	0.44761
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-49043

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49043
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-49043

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094238
reference_id	1094238
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1094238

reference_url

https://github.com/php/php-src/issues/17467

reference_id

17467

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-27T14:52:22Z/

url

https://github.com/php/php-src/issues/17467

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2342118
reference_id	2342118
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2342118

reference_url

https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b

reference_id

5a19e21605398cef6a8b1452477a8705cb41562b

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-27T14:52:22Z/

url

https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b

reference_url	https://access.redhat.com/errata/RHSA-2025:1350
reference_id	RHSA-2025:1350
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1350

reference_url	https://access.redhat.com/errata/RHSA-2025:1487
reference_id	RHSA-2025:1487
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1487

reference_url	https://access.redhat.com/errata/RHSA-2025:1516
reference_id	RHSA-2025:1516
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1516

reference_url	https://access.redhat.com/errata/RHSA-2025:1517
reference_id	RHSA-2025:1517
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1517

reference_url	https://access.redhat.com/errata/RHSA-2025:1925
reference_id	RHSA-2025:1925
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1925

reference_url	https://access.redhat.com/errata/RHSA-2025:2507
reference_id	RHSA-2025:2507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2507

reference_url	https://access.redhat.com/errata/RHSA-2025:2678
reference_id	RHSA-2025:2678
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2678

reference_url	https://access.redhat.com/errata/RHSA-2025:3775
reference_id	RHSA-2025:3775
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3775

reference_url	https://access.redhat.com/errata/RHSA-2025:4409
reference_id	RHSA-2025:4409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4409

reference_url	https://access.redhat.com/errata/RHSA-2025:4422
reference_id	RHSA-2025:4422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4422

reference_url	https://access.redhat.com/errata/RHSA-2025:4677
reference_id	RHSA-2025:4677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4677

reference_url	https://access.redhat.com/errata/RHSA-2025:7702
reference_id	RHSA-2025:7702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7702

reference_url	https://usn.ubuntu.com/7240-1/
reference_id	USN-7240-1
reference_type
scores
url	https://usn.ubuntu.com/7240-1/

reference_url	https://usn.ubuntu.com/7302-1/
reference_id	USN-7302-1
reference_type
scores
url	https://usn.ubuntu.com/7302-1/

fixed_packages

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u6%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u2%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-0.4?distro=trixie
purl	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-0.4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-0.4%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

aliases CVE-2022-49043

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qh44-gavt-rbdw

url VCID-qp6y-dt1j-97df

vulnerability_id VCID-qp6y-dt1j-97df

summary libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32415.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32415.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-32415

reference_id

reference_type

scores

value	0.00071
scoring_system	epss
scoring_elements	0.21953
published_at	2026-04-02T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.2182
published_at	2026-04-16T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21915
published_at	2026-04-11T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21874
published_at	2026-04-12T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21817
published_at	2026-04-13T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.22006
published_at	2026-04-04T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21771
published_at	2026-04-07T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21848
published_at	2026-04-08T12:55:00Z

value	0.00071
scoring_system	epss
scoring_elements	0.21904
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-32415

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32415

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103511
reference_id	1103511
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103511

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2360768
reference_id	2360768
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2360768

reference_url	https://access.redhat.com/errata/RHSA-2025:13203
reference_id	RHSA-2025:13203
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13203

reference_url	https://access.redhat.com/errata/RHSA-2025:13428
reference_id	RHSA-2025:13428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13428

reference_url	https://access.redhat.com/errata/RHSA-2025:13429
reference_id	RHSA-2025:13429
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13429

reference_url	https://access.redhat.com/errata/RHSA-2025:13622
reference_id	RHSA-2025:13622
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13622

reference_url	https://access.redhat.com/errata/RHSA-2025:13677
reference_id	RHSA-2025:13677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13677

reference_url	https://access.redhat.com/errata/RHSA-2025:13681
reference_id	RHSA-2025:13681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13681

reference_url	https://access.redhat.com/errata/RHSA-2025:13683
reference_id	RHSA-2025:13683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13683

reference_url	https://access.redhat.com/errata/RHSA-2025:13684
reference_id	RHSA-2025:13684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13684

reference_url	https://access.redhat.com/errata/RHSA-2025:13688
reference_id	RHSA-2025:13688
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13688

reference_url	https://access.redhat.com/errata/RHSA-2025:13689
reference_id	RHSA-2025:13689
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13689

reference_url	https://access.redhat.com/errata/RHSA-2025:13788
reference_id	RHSA-2025:13788
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13788

reference_url	https://access.redhat.com/errata/RHSA-2025:13789
reference_id	RHSA-2025:13789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13789

reference_url	https://access.redhat.com/errata/RHSA-2025:13806
reference_id	RHSA-2025:13806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13806

reference_url	https://access.redhat.com/errata/RHSA-2025:14059
reference_id	RHSA-2025:14059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14059

reference_url	https://access.redhat.com/errata/RHSA-2025:14186
reference_id	RHSA-2025:14186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14186

reference_url	https://access.redhat.com/errata/RHSA-2025:14644
reference_id	RHSA-2025:14644
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14644

reference_url	https://access.redhat.com/errata/RHSA-2025:14818
reference_id	RHSA-2025:14818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14818

reference_url	https://access.redhat.com/errata/RHSA-2025:14819
reference_id	RHSA-2025:14819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14819

reference_url	https://access.redhat.com/errata/RHSA-2025:14853
reference_id	RHSA-2025:14853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14853

reference_url	https://access.redhat.com/errata/RHSA-2025:14858
reference_id	RHSA-2025:14858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14858

reference_url	https://access.redhat.com/errata/RHSA-2025:15308
reference_id	RHSA-2025:15308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15308

reference_url	https://access.redhat.com/errata/RHSA-2025:15672
reference_id	RHSA-2025:15672
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15672

reference_url	https://access.redhat.com/errata/RHSA-2025:16159
reference_id	RHSA-2025:16159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:16159

reference_url	https://access.redhat.com/errata/RHSA-2025:22529
reference_id	RHSA-2025:22529
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22529

reference_url	https://usn.ubuntu.com/7467-1/
reference_id	USN-7467-1
reference_type
scores
url	https://usn.ubuntu.com/7467-1/

reference_url	https://usn.ubuntu.com/7467-2/
reference_id	USN-7467-2
reference_type
scores
url	https://usn.ubuntu.com/7467-2/

reference_url	https://usn.ubuntu.com/7896-1/
reference_id	USN-7896-1
reference_type
scores
url	https://usn.ubuntu.com/7896-1/

fixed_packages

url pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

purl pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u7?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u7%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
purl	pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u2%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

purl pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-1?distro=trixie
purl	pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-1%3Fdistro=trixie

url pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-62bb-e8vk-7uh4

vulnerability	VCID-d1ar-1945-sygd

vulnerability	VCID-knx8-5fpz-zbgn

vulnerability	VCID-nj3a-zqw9-6bga

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie

url	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
purl	pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie

aliases CVE-2025-32415

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qp6y-dt1j-97df

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u2%3Fdistro=trixie

Package Instance