{"url":"http://public2.vulnerablecode.io/api/packages/995127?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1","type":"deb","namespace":"debian","name":"libxslt","version":"1.1.34-4+deb11u1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.1.35-1+deb12u4","latest_non_vulnerable_version":"1.1.35-1.2+deb13u3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68725?format=json","vulnerability_id":"VCID-aauj-xkdy-mbea","summary":"libxslt: Type confusion in xmlNode.psvi between stylesheet and source nodes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7424.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-7424.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7424","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25167","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25157","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25125","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25066","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25205","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2666","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26665","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2662","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26562","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26542","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2661","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27858","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27686","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30199","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30152","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59113","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59158","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59101","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59141","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59212","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59222","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7424"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7424","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7424"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109123","reference_id":"1109123","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109123"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/139","reference_id":"139","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379228","reference_id":"2379228","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379228"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1","reference_id":"cpe:/a:redhat:hummingbird:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-7424","reference_id":"CVE-2025-7424","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-7424"},{"reference_url":"https://access.redhat.com/errata/RHBA-2025:12345","reference_id":"RHBA-2025:12345","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/"}],"url":"https://access.redhat.com/errata/RHBA-2025:12345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11015","reference_id":"RHSA-2026:11015","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T14:19:10Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11015"},{"reference_url":"https://usn.ubuntu.com/7945-1/","reference_id":"USN-7945-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7945-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995128?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3"}],"aliases":["CVE-2025-7424"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aauj-xkdy-mbea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68441?format=json","vulnerability_id":"VCID-gz4b-hjbg-pyfz","summary":"libxslt: use-after-free with key data stored cross-RVT","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10911.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10911.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10911","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03372","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03384","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03396","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03413","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03416","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03438","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03399","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03349","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03325","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03338","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04641","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04568","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04606","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05255","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05252","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05251","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05253","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0516","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05149","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05198","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05244","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10911"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116447","reference_id":"1116447","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116447"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/144","reference_id":"144","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-29T15:48:55Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/144"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2397838","reference_id":"2397838","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-29T15:48:55Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2397838"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/-/merge_requests/77","reference_id":"77","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-29T15:48:55Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxslt/-/merge_requests/77"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1","reference_id":"cpe:/a:redhat:hummingbird:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-10911","reference_id":"CVE-2025-10911","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-29T15:48:55Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-10911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11015","reference_id":"RHSA-2026:11015","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-29T15:48:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11015"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089444?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1089445?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/995130?format=json","purl":"pkg:deb/debian/libxslt@1.1.45-0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-uzdd-8m94-wubv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1"}],"aliases":["CVE-2025-10911"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gz4b-hjbg-pyfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70781?format=json","vulnerability_id":"VCID-jaep-1ut3-9qan","summary":"libxslt: Use-After-Free in libxslt numbers.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24855","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15193","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15404","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15187","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15473","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15277","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15365","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15415","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15377","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15272","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15337","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24945","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24889","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24814","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24834","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24911","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2493","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24918","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24873","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24753","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24827","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25296","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-24855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566","reference_id":"1100566","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2352483","reference_id":"2352483","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2352483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3107","reference_id":"RHSA-2025:3107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3389","reference_id":"RHSA-2025:3389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3528","reference_id":"RHSA-2025:3528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3615","reference_id":"RHSA-2025:3615","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3615"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3619","reference_id":"RHSA-2025:3619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3624","reference_id":"RHSA-2025:3624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3625","reference_id":"RHSA-2025:3625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3626","reference_id":"RHSA-2025:3626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3627","reference_id":"RHSA-2025:3627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4098","reference_id":"RHSA-2025:4098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4422","reference_id":"RHSA-2025:4422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4427","reference_id":"RHSA-2025:4427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4431","reference_id":"RHSA-2025:4431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4677","reference_id":"RHSA-2025:4677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4731","reference_id":"RHSA-2025:4731","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7496","reference_id":"RHSA-2025:7496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7702","reference_id":"RHSA-2025:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8303","reference_id":"RHSA-2025:8303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8303"},{"reference_url":"https://usn.ubuntu.com/7361-1/","reference_id":"USN-7361-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7361-1/"},{"reference_url":"https://usn.ubuntu.com/7787-1/","reference_id":"USN-7787-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7787-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995128?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3"}],"aliases":["CVE-2025-24855"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jaep-1ut3-9qan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66906?format=json","vulnerability_id":"VCID-qpxw-q3mc-xfhz","summary":"libxslt: Type Confusion in exsltFuncResultCompfunction of libxslt","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11731.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11731.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11731","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20117","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20197","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20278","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20255","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20333","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20175","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20234","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20393","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22595","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22803","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22797","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22756","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22587","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24493","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24369","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24447","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.2451","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26714","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26591","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26609","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26689","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11731"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11731","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11731"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118078","reference_id":"1118078","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118078"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/151","reference_id":"151","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T15:18:32Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/151"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403688","reference_id":"2403688","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T15:18:32Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403688"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/-/merge_requests/78","reference_id":"78","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T15:18:32Z/"}],"url":"https://gitlab.gnome.org/GNOME/libxslt/-/merge_requests/78"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1","reference_id":"cpe:/a:redhat:hummingbird:1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-11731","reference_id":"CVE-2025-11731","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T15:18:32Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-11731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11015","reference_id":"RHSA-2026:11015","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T15:18:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11015"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089444?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1089445?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/995130?format=json","purl":"pkg:deb/debian/libxslt@1.1.45-0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-uzdd-8m94-wubv"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1"}],"aliases":["CVE-2025-11731"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qpxw-q3mc-xfhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78065?format=json","vulnerability_id":"VCID-wdxa-4bjj-7fe5","summary":"libxslt: Processing web content may disclose sensitive information","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40403.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40403.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-40403","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28996","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29186","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30676","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30416","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30597","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30708","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31935","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31355","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31336","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31244","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31267","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31339","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33476","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33489","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33465","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33501","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33262","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33136","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33068","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33181","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.3353","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-40403"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40403","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40403"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/10","reference_id":"10","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/10"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108074","reference_id":"1108074","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108074"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349766","reference_id":"2349766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2349766"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/3","reference_id":"3","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/3"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/4","reference_id":"4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/4"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/5","reference_id":"5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/5"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/6","reference_id":"6","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/6"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/8","reference_id":"8","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/8"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Oct/9","reference_id":"9","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Oct/9"},{"reference_url":"https://support.apple.com/en-us/HT213927","reference_id":"HT213927","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213927"},{"reference_url":"https://support.apple.com/en-us/HT213931","reference_id":"HT213931","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213931"},{"reference_url":"https://support.apple.com/en-us/HT213932","reference_id":"HT213932","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213932"},{"reference_url":"https://support.apple.com/en-us/HT213936","reference_id":"HT213936","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213936"},{"reference_url":"https://support.apple.com/en-us/HT213937","reference_id":"HT213937","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213937"},{"reference_url":"https://support.apple.com/en-us/HT213938","reference_id":"HT213938","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213938"},{"reference_url":"https://support.apple.com/en-us/HT213940","reference_id":"HT213940","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T14:28:39Z/"}],"url":"https://support.apple.com/en-us/HT213940"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8676","reference_id":"RHSA-2025:8676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8676"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9016","reference_id":"RHSA-2025:9016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10065","reference_id":"RHSA-2026:10065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16008","reference_id":"RHSA-2026:16008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16009","reference_id":"RHSA-2026:16009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16174","reference_id":"RHSA-2026:16174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6266","reference_id":"RHSA-2026:6266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6499","reference_id":"RHSA-2026:6499","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7335","reference_id":"RHSA-2026:7335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8746","reference_id":"RHSA-2026:8746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8747","reference_id":"RHSA-2026:8747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8748","reference_id":"RHSA-2026:8748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8748"},{"reference_url":"https://usn.ubuntu.com/7600-1/","reference_id":"USN-7600-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7600-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995128?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3"}],"aliases":["CVE-2023-40403"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wdxa-4bjj-7fe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70782?format=json","vulnerability_id":"VCID-z7hh-qpzy-c7b2","summary":"libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55549.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-55549","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15368","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15455","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15498","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15569","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15886","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15954","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15824","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15811","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16014","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15992","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27926","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27895","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27812","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.2783","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27905","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28156","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28044","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27966","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27804","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27867","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28623","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-55549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55549"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565","reference_id":"1100565","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100565"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2352484","reference_id":"2352484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2352484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3613","reference_id":"RHSA-2025:3613","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3614","reference_id":"RHSA-2025:3614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3615","reference_id":"RHSA-2025:3615","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3615"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3619","reference_id":"RHSA-2025:3619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3624","reference_id":"RHSA-2025:3624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3625","reference_id":"RHSA-2025:3625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3626","reference_id":"RHSA-2025:3626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3627","reference_id":"RHSA-2025:3627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4025","reference_id":"RHSA-2025:4025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4098","reference_id":"RHSA-2025:4098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4422","reference_id":"RHSA-2025:4422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4427","reference_id":"RHSA-2025:4427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4431","reference_id":"RHSA-2025:4431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4677","reference_id":"RHSA-2025:4677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4731","reference_id":"RHSA-2025:4731","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7410","reference_id":"RHSA-2025:7410","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7496","reference_id":"RHSA-2025:7496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7702","reference_id":"RHSA-2025:7702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8303","reference_id":"RHSA-2025:8303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8303"},{"reference_url":"https://usn.ubuntu.com/7357-1/","reference_id":"USN-7357-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7357-1/"},{"reference_url":"https://usn.ubuntu.com/7787-1/","reference_id":"USN-7787-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7787-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995128?format=json","purl":"pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3"}],"aliases":["CVE-2024-55549"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z7hh-qpzy-c7b2"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10993?format=json","vulnerability_id":"VCID-nxyn-eknv-tqbf","summary":"Use After Free\nUse after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30560","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24537","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24354","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24325","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24479","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24451","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24436","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24597","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24634","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24409","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24478","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24522","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24493","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2424","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24223","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24281","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24218","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24137","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24252","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24291","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24306","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24421","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24446","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30560"},{"reference_url":"https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://chromereleases.googleblog.com/2021/07/stable-channel-update-for-desktop.html"},{"reference_url":"https://crbug.com/1219209","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://crbug.com/1219209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30560"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-30560.yml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2021-30560.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html"},{"reference_url":"https://www.debian.org/security/2022/dsa-5216","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5216"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079","reference_id":"990079","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990079"},{"reference_url":"https://security.archlinux.org/ASA-202107-30","reference_id":"ASA-202107-30","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-30"},{"reference_url":"https://security.archlinux.org/ASA-202107-31","reference_id":"ASA-202107-31","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-31"},{"reference_url":"https://security.archlinux.org/AVG-2166","reference_id":"AVG-2166","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2166"},{"reference_url":"https://security.archlinux.org/AVG-2167","reference_id":"AVG-2167","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2167"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30560","reference_id":"CVE-2021-30560","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30560"},{"reference_url":"https://github.com/advisories/GHSA-59gp-qqm7-cw4j","reference_id":"GHSA-59gp-qqm7-cw4j","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-59gp-qqm7-cw4j"},{"reference_url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2","reference_id":"GHSA-fq42-c5rg-92c2","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-fq42-c5rg-92c2"},{"reference_url":"https://security.gentoo.org/glsa/202107-49","reference_id":"GLSA-202107-49","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-49"},{"reference_url":"https://security.gentoo.org/glsa/202310-23","reference_id":"GLSA-202310-23","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202310-23"},{"reference_url":"https://usn.ubuntu.com/5575-1/","reference_id":"USN-5575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5575-1/"},{"reference_url":"https://usn.ubuntu.com/5575-2/","reference_id":"USN-5575-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5575-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995127?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1"}],"aliases":["CVE-2021-30560","GHSA-59gp-qqm7-cw4j"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nxyn-eknv-tqbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55120?format=json","vulnerability_id":"VCID-sxp3-vtcq-pugw","summary":"Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability\nIn xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.\n\nNokogiri prior to version 1.10.5 contains a vulnerable version of libxslt. Nokogiri version 1.10.5 upgrades the dependency to libxslt 1.1.34, which contains a patch for this issue.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0514","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2020:0514"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18197.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18197.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18197","reference_id":"","reference_type":"","scores":[{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89277","published_at":"2026-05-15T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89118","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89126","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89141","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89143","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89161","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89167","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89177","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89173","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89171","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89184","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89183","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89179","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89196","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89202","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89206","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89214","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.8923","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89241","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89238","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89248","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04534","scoring_system":"epss","scoring_elements":"0.89267","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18197"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15746","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15746"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15768","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15768"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15914","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15914"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18197"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-18197.yml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-18197.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/blob/01ab95f3e37429ed8d3b380a8d2f73902eb325d9/CHANGELOG.md?plain=1#L934","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/blob/01ab95f3e37429ed8d3b380a8d2f73902eb325d9/CHANGELOG.md?plain=1#L934"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/1943","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/1943"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00037.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00037.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18197","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18197"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191031-0004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20191031-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191031-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20191031-0004/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200416-0004","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20200416-0004"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200416-0004/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20200416-0004/"},{"reference_url":"https://usn.ubuntu.com/4164-1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4164-1"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/11/17/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/11/17/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770768","reference_id":"1770768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770768"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942646","reference_id":"942646","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942646"},{"reference_url":"https://security.archlinux.org/ASA-202002-3","reference_id":"ASA-202002-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202002-3"},{"reference_url":"https://security.archlinux.org/AVG-1092","reference_id":"AVG-1092","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1092"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xmlsoft:libxslt:1.1.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-242x-7cm6-4w8j","reference_id":"GHSA-242x-7cm6-4w8j","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-242x-7cm6-4w8j"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4005","reference_id":"RHSA-2020:4005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4464","reference_id":"RHSA-2020:4464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4464"},{"reference_url":"https://usn.ubuntu.com/4164-1/","reference_id":"USN-4164-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4164-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995127?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1"}],"aliases":["CVE-2019-18197","GHSA-242x-7cm6-4w8j"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sxp3-vtcq-pugw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42308?format=json","vulnerability_id":"VCID-zwzs-qztz-wbfj","summary":"Multiple vulnerabilities have been found in Chromium and Google\n    Chrome, the worst of which could allow remote attackers to execute\n    arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5815.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5815.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5815","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29168","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29646","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29601","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29549","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29568","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29542","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29497","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29384","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29269","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29204","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29059","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29119","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29134","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29057","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29078","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29159","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29606","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29673","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29723","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29543","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29643","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5815"},{"reference_url":"https://bugs.chromium.org/p/chromium/issues/detail?id=930663","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.chromium.org/p/chromium/issues/detail?id=930663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5811"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5815"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5818"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5820"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5821"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5825"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5826"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5848"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5849"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5850"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5851"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5852"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5856"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5857"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5860"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5868"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6504"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-5815.yml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-5815.yml"},{"reference_url":"https://github.com/sparklemotion/nokogiri","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri"},{"reference_url":"https://github.com/sparklemotion/nokogiri/issues/2630","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":""},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/sparklemotion/nokogiri/issues/2630"},{"reference_url":"https://gitlab.gnome.org/GNOME/libxslt/commit/08b62c25871b38d5d573515ca8a065b4b8f64f6b","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitlab.gnome.org/GNOME/libxslt/commit/08b62c25871b38d5d573515ca8a065b4b8f64f6b"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00010.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5815","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5815"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702905","reference_id":"1702905","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1702905"},{"reference_url":"https://security.archlinux.org/ASA-201904-12","reference_id":"ASA-201904-12","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-12"},{"reference_url":"https://security.archlinux.org/AVG-952","reference_id":"AVG-952","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-952"},{"reference_url":"https://github.com/advisories/GHSA-vmfx-gcfq-wvm2","reference_id":"GHSA-vmfx-gcfq-wvm2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vmfx-gcfq-wvm2"},{"reference_url":"https://security.gentoo.org/glsa/201908-18","reference_id":"GLSA-201908-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201908-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1021","reference_id":"RHSA-2019:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1021"},{"reference_url":"https://usn.ubuntu.com/5575-1/","reference_id":"USN-5575-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5575-1/"},{"reference_url":"https://usn.ubuntu.com/5575-2/","reference_id":"USN-5575-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5575-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/995127?format=json","purl":"pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-aauj-xkdy-mbea"},{"vulnerability":"VCID-gz4b-hjbg-pyfz"},{"vulnerability":"VCID-jaep-1ut3-9qan"},{"vulnerability":"VCID-qpxw-q3mc-xfhz"},{"vulnerability":"VCID-wdxa-4bjj-7fe5"},{"vulnerability":"VCID-z7hh-qpzy-c7b2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1"}],"aliases":["CVE-2019-5815","GHSA-vmfx-gcfq-wvm2"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zwzs-qztz-wbfj"}],"risk_score":"3.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1"}