Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/943487?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/943487?format=api", "purl": "pkg:deb/debian/xmlsec1@1.3.9-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "xmlsec1", "version": "1.3.9-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/33349?format=api", "vulnerability_id": "VCID-12cg-us37-xbh8", "summary": "This GLSA contains notification of vulnerabilities found in several\n Gentoo packages which have been fixed prior to January 1, 2012. The worst\n of these vulnerabilities could lead to local privilege escalation and\n remote code execution. Please see the package list and CVE identifiers\n below for more information.", "references": [ { "reference_url": "http://git.gnome.org/browse/xmlsec/commit/?id=2d5eddcc4163ea050cf3a3a1a25452bb5124f780", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/xmlsec/commit/?id=2d5eddcc4163ea050cf3a3a1a25452bb5124f780" }, { "reference_url": "http://git.gnome.org/browse/xmlsec/commit/?id=35eaacde6093d6711339754fc2146341b8b9f5fa", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.gnome.org/browse/xmlsec/commit/?id=35eaacde6093d6711339754fc2146341b8b9f5fa" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1425.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1425.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1425", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0931", "scoring_system": "epss", "scoring_elements": "0.92748", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0931", "scoring_system": "epss", "scoring_elements": "0.9272", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0931", "scoring_system": "epss", "scoring_elements": "0.92727", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0931", "scoring_system": "epss", "scoring_elements": "0.92733", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0931", "scoring_system": "epss", "scoring_elements": "0.9273", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0931", "scoring_system": "epss", "scoring_elements": "0.9274", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0931", "scoring_system": "epss", "scoring_elements": "0.92745", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0931", "scoring_system": "epss", "scoring_elements": "0.9275", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0931", "scoring_system": "epss", "scoring_elements": "0.92749", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1425" }, { "reference_url": "https://bugs.webkit.org/show_bug.cgi?id=52688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.webkit.org/show_bug.cgi?id=52688" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1425", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1425" }, { "reference_url": "http://secunia.com/advisories/43920", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43920" }, { "reference_url": "http://secunia.com/advisories/44167", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44167" }, { "reference_url": "http://secunia.com/advisories/44423", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/44423" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66506" }, { "reference_url": "http://trac.webkit.org/changeset/79159", "reference_id": "", "reference_type": "", "scores": [], "url": "http://trac.webkit.org/changeset/79159" }, { "reference_url": "http://www.aleksey.com/pipermail/xmlsec/2011/009120.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.aleksey.com/pipermail/xmlsec/2011/009120.html" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2219", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2011/dsa-2219" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:063", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:063" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2011-0486.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2011-0486.html" }, { "reference_url": "http://www.securityfocus.com/bid/47135", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/47135" }, { "reference_url": "http://www.securitytracker.com/id?1025284", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1025284" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0855", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0855" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0858", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0858" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/1010", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/1010" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/1172", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/1172" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=620560", "reference_id": "620560", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=620560" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=692133", "reference_id": "692133", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=692133" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.2a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.2a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.2a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.0.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.0.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:0.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:0.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.0.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.0.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.0.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.11:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.11:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.11:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.15:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.15:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.15:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:aleksey:xml_security_library:1.2.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:aleksey:xml_security_library:1.2.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:webkit:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1425", "reference_id": "CVE-2011-1425", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1425" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17993.rb", "reference_id": "CVE-2011-1774;OSVDB-74017;CVE-2011-1425;OSVDB-72303", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17993.rb" }, { "reference_url": "https://security.gentoo.org/glsa/201412-09", "reference_id": "GLSA-201412-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2011:0486", "reference_id": "RHSA-2011:0486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2011:0486" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943490?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.14-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.14-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943486?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.31-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.31-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943484?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.37-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.37-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943488?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.41-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.41-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943487?format=api", "purl": "pkg:deb/debian/xmlsec1@1.3.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.3.9-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-1425" ], "risk_score": 9.2, "exploitability": "2.0", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-12cg-us37-xbh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84477?format=api", "vulnerability_id": "VCID-k6xx-j2uv-67a9", "summary": "xmlsec1: xmlsec vulnerable to external entity expansion", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000061.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000061.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000061", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69157", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69173", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69193", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69175", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69225", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69243", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69265", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69251", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69222", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000061" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437311", "reference_id": "1437311", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437311" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2492", "reference_id": "RHSA-2017:2492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2492" }, { "reference_url": "https://usn.ubuntu.com/5674-1/", "reference_id": "USN-5674-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5674-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943491?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.24-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.24-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943486?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.31-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.31-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943484?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.37-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.37-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943488?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.41-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.41-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943487?format=api", "purl": "pkg:deb/debian/xmlsec1@1.3.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.3.9-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1000061" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k6xx-j2uv-67a9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34258?format=api", "vulnerability_id": "VCID-xzye-g5rw-fyh5", "summary": "Multiple vulnerabilities have been found in GraphicsMagick,\n allowing remote attackers to execute arbitrary code or cause a Denial of\n Service condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3736.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3736.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3736", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26117", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26198", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.2624", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26012", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26078", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.2613", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26139", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31157", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31113", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3736" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=537941", "reference_id": "537941", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=537941" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559797", "reference_id": "559797", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559797" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559801", "reference_id": "559801", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559801" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559806", "reference_id": "559806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559809", "reference_id": "559809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559809" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559811", "reference_id": "559811", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559811" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559814", "reference_id": "559814", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559814" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559815", "reference_id": "559815", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559815" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559816", "reference_id": "559816", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559816" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559819", "reference_id": "559819", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559819" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559822", "reference_id": "559822", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559822" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559824", "reference_id": "559824", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559824" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559825", "reference_id": "559825", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559825" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559826", "reference_id": "559826", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559826" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559829", "reference_id": "559829", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559829" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559831", "reference_id": "559831", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559831" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559832", "reference_id": "559832", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559832" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559833", "reference_id": "559833", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559833" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559834", "reference_id": "559834", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559834" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559835", "reference_id": "559835", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559835" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559836", "reference_id": "559836", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559836" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559837", "reference_id": "559837", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559837" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559840", "reference_id": "559840", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559840" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559844", "reference_id": "559844", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559844" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559845", "reference_id": "559845", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559845" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702436", "reference_id": "702436", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702436" }, { "reference_url": "https://security.gentoo.org/glsa/201311-10", "reference_id": "GLSA-201311-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-10" }, { "reference_url": "https://security.gentoo.org/glsa/201412-08", "reference_id": "GLSA-201412-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201412-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1646", "reference_id": "RHSA-2009:1646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0039", "reference_id": "RHSA-2010:0039", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0039" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943489?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.14-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.14-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943486?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.31-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.31-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943484?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.37-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.37-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943488?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.41-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.41-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943487?format=api", "purl": "pkg:deb/debian/xmlsec1@1.3.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.3.9-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3736" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xzye-g5rw-fyh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6667?format=api", "vulnerability_id": "VCID-z7ht-bq8z-3qgd", "summary": "XML signature HMAC truncation authentication bypass\nThis package uses a parameter that defines an HMAC truncation length (`HMACOutputLength`) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0217.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83529", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83557", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83556", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83541", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83605", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.8359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01986", "scoring_system": "epss", "scoring_elements": "0.83581", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84491", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0222", "scoring_system": "epss", "scoring_elements": "0.84495", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0217" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0217" }, { "reference_url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-041" }, { "reference_url": "https://gitlab.gnome.org/Archive/xmlsec/-/commit/34b349675af9f72eb822837a8772cc1ead7115c7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitlab.gnome.org/Archive/xmlsec/-/commit/34b349675af9f72eb822837a8772cc1ead7115c7" }, { "reference_url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47526" }, { "reference_url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=47527" }, { "reference_url": "https://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "reference_url": "https://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.opensuse.org/opensuse-security-announce/2010-03/msg00005.html" }, { "reference_url": "https://marc.info/?l=bugtraq&m=125787273209737&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://marc.info/?l=bugtraq&m=125787273209737&w=2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" }, { "reference_url": "https://rhn.redhat.com/errata/RHSA-2009-1428.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1428.html" }, { "reference_url": "https://svn.apache.org/viewvc?revision=794013&view=revision", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://svn.apache.org/viewvc?revision=794013&view=revision" }, { "reference_url": "http://svn.apache.org/viewvc?view=revision&revision=794013", "reference_id": "", "reference_type": "", "scores": [], "url": "http://svn.apache.org/viewvc?view=revision&revision=794013" }, { "reference_url": "https://www.debian.org/security/2010/dsa-1995", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2010/dsa-1995" }, { "reference_url": "https://www.gentoo.org/security/en/glsa/glsa-201408-19.xml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "reference_url": "https://www.kb.cert.org/vuls/id/466161", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.kb.cert.org/vuls/id/466161" }, { "reference_url": "https://www.kb.cert.org/vuls/id/MAPG-7TSKXQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.kb.cert.org/vuls/id/MAPG-7TSKXQ" }, { "reference_url": "https://www.kb.cert.org/vuls/id/WDON-7TY529", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.kb.cert.org/vuls/id/WDON-7TY529" }, { "reference_url": "https://www.mandriva.com/security/advisories?name=MDVSA-2009:209", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00494.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00505.html" }, { "reference_url": "https://www.redhat.com/support/errata/RHSA-2009-1694.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.redhat.com/support/errata/RHSA-2009-1694.html" }, { "reference_url": "https://www.ubuntu.com/usn/USN-903-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.ubuntu.com/usn/USN-903-1" }, { "reference_url": "https://www.us-cert.gov/cas/techalerts/TA09-294A.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "reference_url": "https://www.w3.org/2008/06/xmldsigcore-errata.html#e03", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.w3.org/2008/06/xmldsigcore-errata.html#e03" }, { "reference_url": "https://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" }, { "reference_url": "https://bugzilla.redhat.com/CVE-2009-0217", "reference_id": "CVE-2009-0217", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/CVE-2009-0217" }, { "reference_url": "https://github.com/advisories/GHSA-8hfm-837h-hjg5", "reference_id": "GHSA-8hfm-837h-hjg5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8hfm-837h-hjg5" }, { "reference_url": "https://security.gentoo.org/glsa/201206-13", "reference_id": "GLSA-201206-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-13" }, { "reference_url": "https://security.gentoo.org/glsa/201408-19", "reference_id": "GLSA-201408-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1200", "reference_id": "RHSA-2009:1200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1201", "reference_id": "RHSA-2009:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1428", "reference_id": "RHSA-2009:1428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1636", "reference_id": "RHSA-2009:1636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1637", "reference_id": "RHSA-2009:1637", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1637" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1649", "reference_id": "RHSA-2009:1649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1650", "reference_id": "RHSA-2009:1650", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0043", "reference_id": "RHSA-2010:0043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "reference_url": "https://usn.ubuntu.com/814-1/", "reference_id": "USN-814-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/814-1/" }, { "reference_url": "https://usn.ubuntu.com/826-1/", "reference_id": "USN-826-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/826-1/" }, { "reference_url": "https://usn.ubuntu.com/903-1/", "reference_id": "USN-903-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/903-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943485?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.12-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.12-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943486?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.31-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.31-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943484?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.37-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.37-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943488?format=api", "purl": "pkg:deb/debian/xmlsec1@1.2.41-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.2.41-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943487?format=api", "purl": "pkg:deb/debian/xmlsec1@1.3.9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.3.9-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0217", "GHSA-8hfm-837h-hjg5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z7ht-bq8z-3qgd" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xmlsec1@1.3.9-1%3Fdistro=trixie" }