{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40181?format=json","vulnerability_id":"VCID-bwrv-burs-sqg6","summary":"Uncontrolled Resource Consumption\nlibxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627.","aliases":[{"alias":"CVE-2016-9596"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/104582?format=json","purl":"pkg:deb/debian/libxml2@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104571?format=json","purl":"pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.10%252Bdfsg-6.7%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104569?format=json","purl":"pkg:deb/debian/libxml2@2.9.14%2Bdfsg-1.3~deb12u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.9.14%252Bdfsg-1.3~deb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104573?format=json","purl":"pkg:deb/debian/libxml2@2.12.7%2Bdfsg%2Breally2.9.14-2.1%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d47v-hstc-wqc1"},{"vulnerability":"VCID-kqv4-tkg9-6ugb"},{"vulnerability":"VCID-p5kk-3yg6-yucb"},{"vulnerability":"VCID-rymj-pnfv-3khf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.12.7%252Bdfsg%252Breally2.9.14-2.1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104572?format=json","purl":"pkg:deb/debian/libxml2@2.15.2%2Bdfsg-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.2%252Bdfsg-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/304775?format=json","purl":"pkg:deb/debian/libxml2@2.15.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxml2@2.15.3%252Bdfsg-1%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/51192?format=json","purl":"pkg:nuget/libxml2@2.7.8.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bwrv-burs-sqg6"},{"vulnerability":"VCID-d39h-k44d-8kgx"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-ncxg-w6wk-bkb4"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.7.8.2"},{"url":"http://public2.vulnerablecode.io/api/packages/196847?format=json","purl":"pkg:nuget/libxml2@2.7.8.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bwrv-burs-sqg6"},{"vulnerability":"VCID-d39h-k44d-8kgx"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-ncxg-w6wk-bkb4"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.7.8.4"},{"url":"http://public2.vulnerablecode.io/api/packages/196848?format=json","purl":"pkg:nuget/libxml2@2.7.8.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bwrv-burs-sqg6"},{"vulnerability":"VCID-d39h-k44d-8kgx"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-ncxg-w6wk-bkb4"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.7.8.5"},{"url":"http://public2.vulnerablecode.io/api/packages/196849?format=json","purl":"pkg:nuget/libxml2@2.7.8.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bwrv-burs-sqg6"},{"vulnerability":"VCID-d39h-k44d-8kgx"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-ncxg-w6wk-bkb4"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.7.8.6"},{"url":"http://public2.vulnerablecode.io/api/packages/196850?format=json","purl":"pkg:nuget/libxml2@2.7.8.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1nax-e3jj-ryef"},{"vulnerability":"VCID-1zr7-kx71-tkcr"},{"vulnerability":"VCID-2wkc-xqzc-e3g2"},{"vulnerability":"VCID-3ean-ys5t-bydz"},{"vulnerability":"VCID-3s6k-9cgk-dfd6"},{"vulnerability":"VCID-4sg9-pjmx-6kfy"},{"vulnerability":"VCID-512y-x2fd-4uh5"},{"vulnerability":"VCID-5g9a-2484-rucp"},{"vulnerability":"VCID-5z25-mem7-hfcx"},{"vulnerability":"VCID-6bw6-4huq-dqex"},{"vulnerability":"VCID-6hc4-jdej-gkcp"},{"vulnerability":"VCID-6t8y-27ba-cfa2"},{"vulnerability":"VCID-81t2-tsq4-x7ce"},{"vulnerability":"VCID-8719-hux3-fugq"},{"vulnerability":"VCID-9m3t-anwb-4fbx"},{"vulnerability":"VCID-9usm-m2ey-7qad"},{"vulnerability":"VCID-a611-3sqz-bkac"},{"vulnerability":"VCID-akrb-6bu8-nqfq"},{"vulnerability":"VCID-anzu-y37j-dbc2"},{"vulnerability":"VCID-bgcq-x9bd-83ap"},{"vulnerability":"VCID-bksc-y3j7-ufek"},{"vulnerability":"VCID-bwrv-burs-sqg6"},{"vulnerability":"VCID-d39h-k44d-8kgx"},{"vulnerability":"VCID-ds9f-6ppp-5fax"},{"vulnerability":"VCID-e8w6-ax3x-wqan"},{"vulnerability":"VCID-efx2-bpu9-z7a4"},{"vulnerability":"VCID-egft-crba-6ubx"},{"vulnerability":"VCID-ezzm-sgz4-xbaa"},{"vulnerability":"VCID-f8q4-hk9r-6be4"},{"vulnerability":"VCID-fn1n-adz5-5fcy"},{"vulnerability":"VCID-frer-xevm-x7f7"},{"vulnerability":"VCID-gfk4-86ze-3bdx"},{"vulnerability":"VCID-j98t-paam-97ec"},{"vulnerability":"VCID-kg69-mhxs-tkcx"},{"vulnerability":"VCID-m8d1-5qex-huf8"},{"vulnerability":"VCID-m91c-mfu9-bbbh"},{"vulnerability":"VCID-ncxg-w6wk-bkb4"},{"vulnerability":"VCID-pgfh-4snq-pbe6"},{"vulnerability":"VCID-q1rm-fyhj-kbfu"},{"vulnerability":"VCID-q736-5feg-q3h2"},{"vulnerability":"VCID-qa31-1xtw-ybdg"},{"vulnerability":"VCID-u795-5dzy-gkbs"},{"vulnerability":"VCID-ueh5-fv4d-a7a8"},{"vulnerability":"VCID-w156-x6fs-7baj"},{"vulnerability":"VCID-y6zn-hwwh-23hp"},{"vulnerability":"VCID-y76b-6hzr-uqgb"},{"vulnerability":"VCID-yjn6-17qx-9ubc"},{"vulnerability":"VCID-zezc-xfmm-cqcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:nuget/libxml2@2.7.8.7"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9596.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9596.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9596","reference_id":"","reference_type":"","scores":[{"value":"0.00673","scoring_system":"epss","scoring_elements":"0.71813","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00673","scoring_system":"epss","scoring_elements":"0.71852","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9596"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1408302","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1408302"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9596","reference_id":"CVE-2016-9596","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9596"}],"weaknesses":[{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."},{"cwe_id":400,"name":"Uncontrolled Resource Consumption","description":"The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":674,"name":"Uncontrolled Recursion","description":"The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack."}],"exploits":[],"severity_range_score":"4.3 - 4.3","exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bwrv-burs-sqg6"}