Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-3b3c-2r39-k7f9

Summary

Multiple vulnerabilities have been found in xkbcommon, the worst of
    which may lead to a Denial of Service condition.

Aliases

alias	CVE-2018-15856

Fixed_packages

url	pkg:deb/debian/libxkbcommon@0.8.2-1?distro=trixie
purl	pkg:deb/debian/libxkbcommon@0.8.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxkbcommon@0.8.2-1%3Fdistro=trixie

url	pkg:deb/debian/libxkbcommon@0.8.2-1
purl	pkg:deb/debian/libxkbcommon@0.8.2-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxkbcommon@0.8.2-1

url	pkg:deb/debian/libxkbcommon@1.0.3-2?distro=trixie
purl	pkg:deb/debian/libxkbcommon@1.0.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxkbcommon@1.0.3-2%3Fdistro=trixie

url	pkg:deb/debian/libxkbcommon@1.5.0-1?distro=trixie
purl	pkg:deb/debian/libxkbcommon@1.5.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxkbcommon@1.5.0-1%3Fdistro=trixie

url	pkg:deb/debian/libxkbcommon@1.7.0-2?distro=trixie
purl	pkg:deb/debian/libxkbcommon@1.7.0-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxkbcommon@1.7.0-2%3Fdistro=trixie

url	pkg:deb/debian/libxkbcommon@1.13.1-1?distro=trixie
purl	pkg:deb/debian/libxkbcommon@1.13.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxkbcommon@1.13.1-1%3Fdistro=trixie

url	pkg:ebuild/x11-libs/libxkbcommon@0.8.2
purl	pkg:ebuild/x11-libs/libxkbcommon@0.8.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/x11-libs/libxkbcommon@0.8.2

Affected_packages

url pkg:deb/debian/libxkbcommon@0.4.3-2

purl pkg:deb/debian/libxkbcommon@0.4.3-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1jk4-ytb3-ebh7

vulnerability	VCID-3b3c-2r39-k7f9

vulnerability	VCID-5118-w33v-4fds

vulnerability	VCID-5bch-vxg1-67ec

vulnerability	VCID-991a-u4ws-cfgu

vulnerability	VCID-9k2a-s4g9-3fdz

vulnerability	VCID-dma5-svas-8kfz

vulnerability	VCID-jgvc-jyqe-uya2

vulnerability	VCID-m6pm-b39t-8fdp

vulnerability	VCID-srbz-g4vu-pfhh

vulnerability	VCID-xf7r-gqe1-5qev

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxkbcommon@0.4.3-2

url pkg:deb/debian/libxkbcommon@0.7.1-2~deb9u1

purl pkg:deb/debian/libxkbcommon@0.7.1-2~deb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1jk4-ytb3-ebh7

vulnerability	VCID-3b3c-2r39-k7f9

vulnerability	VCID-5118-w33v-4fds

vulnerability	VCID-5bch-vxg1-67ec

vulnerability	VCID-991a-u4ws-cfgu

vulnerability	VCID-9k2a-s4g9-3fdz

vulnerability	VCID-dma5-svas-8kfz

vulnerability	VCID-jgvc-jyqe-uya2

vulnerability	VCID-m6pm-b39t-8fdp

vulnerability	VCID-srbz-g4vu-pfhh

vulnerability	VCID-xf7r-gqe1-5qev

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxkbcommon@0.7.1-2~deb9u1

url pkg:rpm/redhat/gdm@1:3.28.2-16?arch=el7

purl pkg:rpm/redhat/gdm@1:3.28.2-16?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16w3-mvk5-8bfg

vulnerability	VCID-3b3c-2r39-k7f9

vulnerability	VCID-5118-w33v-4fds

vulnerability	VCID-5bch-vxg1-67ec

vulnerability	VCID-991a-u4ws-cfgu

vulnerability	VCID-9k2a-s4g9-3fdz

vulnerability	VCID-dma5-svas-8kfz

vulnerability	VCID-enay-5y1j-ffa4

vulnerability	VCID-jgvc-jyqe-uya2

vulnerability	VCID-m6pm-b39t-8fdp

vulnerability	VCID-npqc-cahn-cfgk

vulnerability	VCID-srbz-g4vu-pfhh

vulnerability	VCID-xf7r-gqe1-5qev

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gdm@1:3.28.2-16%3Farch=el7

url pkg:rpm/redhat/libX11@1.6.7-2?arch=el7

purl pkg:rpm/redhat/libX11@1.6.7-2?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16w3-mvk5-8bfg

vulnerability	VCID-3b3c-2r39-k7f9

vulnerability	VCID-5118-w33v-4fds

vulnerability	VCID-5bch-vxg1-67ec

vulnerability	VCID-991a-u4ws-cfgu

vulnerability	VCID-9k2a-s4g9-3fdz

vulnerability	VCID-dma5-svas-8kfz

vulnerability	VCID-enay-5y1j-ffa4

vulnerability	VCID-jgvc-jyqe-uya2

vulnerability	VCID-m6pm-b39t-8fdp

vulnerability	VCID-npqc-cahn-cfgk

vulnerability	VCID-srbz-g4vu-pfhh

vulnerability	VCID-xf7r-gqe1-5qev

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libX11@1.6.7-2%3Farch=el7

url pkg:rpm/redhat/libxkbcommon@0.7.1-3?arch=el7

purl pkg:rpm/redhat/libxkbcommon@0.7.1-3?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16w3-mvk5-8bfg

vulnerability	VCID-3b3c-2r39-k7f9

vulnerability	VCID-5118-w33v-4fds

vulnerability	VCID-5bch-vxg1-67ec

vulnerability	VCID-991a-u4ws-cfgu

vulnerability	VCID-9k2a-s4g9-3fdz

vulnerability	VCID-dma5-svas-8kfz

vulnerability	VCID-enay-5y1j-ffa4

vulnerability	VCID-jgvc-jyqe-uya2

vulnerability	VCID-m6pm-b39t-8fdp

vulnerability	VCID-npqc-cahn-cfgk

vulnerability	VCID-srbz-g4vu-pfhh

vulnerability	VCID-xf7r-gqe1-5qev

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libxkbcommon@0.7.1-3%3Farch=el7

url pkg:rpm/redhat/mesa-libGLw@8.0.0-5?arch=el7

purl pkg:rpm/redhat/mesa-libGLw@8.0.0-5?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16w3-mvk5-8bfg

vulnerability	VCID-3b3c-2r39-k7f9

vulnerability	VCID-5118-w33v-4fds

vulnerability	VCID-5bch-vxg1-67ec

vulnerability	VCID-991a-u4ws-cfgu

vulnerability	VCID-9k2a-s4g9-3fdz

vulnerability	VCID-dma5-svas-8kfz

vulnerability	VCID-enay-5y1j-ffa4

vulnerability	VCID-jgvc-jyqe-uya2

vulnerability	VCID-m6pm-b39t-8fdp

vulnerability	VCID-npqc-cahn-cfgk

vulnerability	VCID-srbz-g4vu-pfhh

vulnerability	VCID-xf7r-gqe1-5qev

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/mesa-libGLw@8.0.0-5%3Farch=el7

url pkg:rpm/redhat/xorg-x11-drv-ati@19.0.1-2?arch=el7

purl pkg:rpm/redhat/xorg-x11-drv-ati@19.0.1-2?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16w3-mvk5-8bfg

vulnerability	VCID-3b3c-2r39-k7f9

vulnerability	VCID-5118-w33v-4fds

vulnerability	VCID-5bch-vxg1-67ec

vulnerability	VCID-991a-u4ws-cfgu

vulnerability	VCID-9k2a-s4g9-3fdz

vulnerability	VCID-dma5-svas-8kfz

vulnerability	VCID-enay-5y1j-ffa4

vulnerability	VCID-jgvc-jyqe-uya2

vulnerability	VCID-m6pm-b39t-8fdp

vulnerability	VCID-npqc-cahn-cfgk

vulnerability	VCID-srbz-g4vu-pfhh

vulnerability	VCID-xf7r-gqe1-5qev

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/xorg-x11-drv-ati@19.0.1-2%3Farch=el7

url pkg:rpm/redhat/xorg-x11-drv-vesa@2.4.0-3?arch=el7

purl pkg:rpm/redhat/xorg-x11-drv-vesa@2.4.0-3?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16w3-mvk5-8bfg

vulnerability	VCID-3b3c-2r39-k7f9

vulnerability	VCID-5118-w33v-4fds

vulnerability	VCID-5bch-vxg1-67ec

vulnerability	VCID-991a-u4ws-cfgu

vulnerability	VCID-9k2a-s4g9-3fdz

vulnerability	VCID-dma5-svas-8kfz

vulnerability	VCID-enay-5y1j-ffa4

vulnerability	VCID-jgvc-jyqe-uya2

vulnerability	VCID-m6pm-b39t-8fdp

vulnerability	VCID-npqc-cahn-cfgk

vulnerability	VCID-srbz-g4vu-pfhh

vulnerability	VCID-xf7r-gqe1-5qev

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/xorg-x11-drv-vesa@2.4.0-3%3Farch=el7

url pkg:rpm/redhat/xorg-x11-drv-wacom@0.36.1-3?arch=el7

purl pkg:rpm/redhat/xorg-x11-drv-wacom@0.36.1-3?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16w3-mvk5-8bfg

vulnerability	VCID-3b3c-2r39-k7f9

vulnerability	VCID-5118-w33v-4fds

vulnerability	VCID-5bch-vxg1-67ec

vulnerability	VCID-991a-u4ws-cfgu

vulnerability	VCID-9k2a-s4g9-3fdz

vulnerability	VCID-dma5-svas-8kfz

vulnerability	VCID-enay-5y1j-ffa4

vulnerability	VCID-jgvc-jyqe-uya2

vulnerability	VCID-m6pm-b39t-8fdp

vulnerability	VCID-npqc-cahn-cfgk

vulnerability	VCID-srbz-g4vu-pfhh

vulnerability	VCID-xf7r-gqe1-5qev

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/xorg-x11-drv-wacom@0.36.1-3%3Farch=el7

url pkg:rpm/redhat/xorg-x11-server@1.20.4-7?arch=el7

purl pkg:rpm/redhat/xorg-x11-server@1.20.4-7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-16w3-mvk5-8bfg

vulnerability	VCID-3b3c-2r39-k7f9

vulnerability	VCID-5118-w33v-4fds

vulnerability	VCID-5bch-vxg1-67ec

vulnerability	VCID-991a-u4ws-cfgu

vulnerability	VCID-9k2a-s4g9-3fdz

vulnerability	VCID-dma5-svas-8kfz

vulnerability	VCID-enay-5y1j-ffa4

vulnerability	VCID-jgvc-jyqe-uya2

vulnerability	VCID-m6pm-b39t-8fdp

vulnerability	VCID-npqc-cahn-cfgk

vulnerability	VCID-srbz-g4vu-pfhh

vulnerability	VCID-xf7r-gqe1-5qev

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/xorg-x11-server@1.20.4-7%3Farch=el7

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15856.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15856.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-15856

reference_id

reference_type

scores

value	0.00044
scoring_system	epss
scoring_elements	0.13479
published_at	2026-04-01T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13578
published_at	2026-04-02T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13638
published_at	2026-04-04T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13435
published_at	2026-04-07T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13517
published_at	2026-04-08T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13566
published_at	2026-04-09T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.1354
published_at	2026-04-11T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13502
published_at	2026-04-12T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13456
published_at	2026-04-13T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13369
published_at	2026-04-16T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13367
published_at	2026-04-18T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13438
published_at	2026-04-21T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13444
published_at	2026-04-24T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13415
published_at	2026-04-26T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.1331
published_at	2026-04-29T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13214
published_at	2026-05-05T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.1337
published_at	2026-05-07T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13453
published_at	2026-05-09T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13448
published_at	2026-05-11T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13477
published_at	2026-05-12T12:55:00Z

value	0.00044
scoring_system	epss
scoring_elements	0.13561
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-15856

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15856
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15856

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1623018
reference_id	1623018
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1623018

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907302
reference_id	907302
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907302

reference_url	https://security.gentoo.org/glsa/201810-05
reference_id	GLSA-201810-05
reference_type
scores
url	https://security.gentoo.org/glsa/201810-05

reference_url	https://access.redhat.com/errata/RHSA-2019:2079
reference_id	RHSA-2019:2079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2079

reference_url	https://usn.ubuntu.com/3786-1/
reference_id	USN-3786-1
reference_type
scores
url	https://usn.ubuntu.com/3786-1/

reference_url	https://usn.ubuntu.com/3786-2/
reference_id	USN-3786-2
reference_type
scores
url	https://usn.ubuntu.com/3786-2/

Weaknesses

cwe_id	835
name	Loop with Unreachable Exit Condition ('Infinite Loop')
description	The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Exploits

Severity_range_score 3.3 - 3.3

Exploitability 0.5

Weighted_severity 3.0

Risk_score 1.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3b3c-2r39-k7f9

Vulnerability Instance