{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87574?format=json","vulnerability_id":"VCID-t6vx-kxne-k7bw","summary":"xen: 64-bit PV xen guest can crash host by accessing hypervisor per-domain memory area","aliases":[{"alias":"CVE-2010-4255"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943268?format=json","purl":"pkg:deb/debian/xen@4.0.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.0.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943265?format=json","purl":"pkg:deb/debian/xen@4.14.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1tb8-t91c-63bp"},{"vulnerability":"VCID-26a9-9zz3-wfhh"},{"vulnerability":"VCID-2trm-w3ww-cfhk"},{"vulnerability":"VCID-3bw4-631f-e7h6"},{"vulnerability":"VCID-3se4-qv6j-xqfq"},{"vulnerability":"VCID-3vdg-5g64-wkbt"},{"vulnerability":"VCID-46ad-1k9n-j3hm"},{"vulnerability":"VCID-4cdt-ycjx-6ub4"},{"vulnerability":"VCID-4k7p-3g95-n7dm"},{"vulnerability":"VCID-4pra-prf3-1uff"},{"vulnerability":"VCID-4rmg-db7g-u3hs"},{"vulnerability":"VCID-5ktg-bhh1-ubbz"},{"vulnerability":"VCID-5u88-jt28-cfb6"},{"vulnerability":"VCID-6dax-cddv-7bbs"},{"vulnerability":"VCID-6jqj-2qwn-8qd9"},{"vulnerability":"VCID-8k1q-b2kj-w7hh"},{"vulnerability":"VCID-8tv5-zxmm-r3fk"},{"vulnerability":"VCID-97zm-r9b6-uqdu"},{"vulnerability":"VCID-b57c-x3pw-7fb7"},{"vulnerability":"VCID-bhdk-jmss-4qc8"},{"vulnerability":"VCID-byu1-7n9c-5fes"},{"vulnerability":"VCID-c4xu-szkm-1kh6"},{"vulnerability":"VCID-ee3z-24pr-kqcm"},{"vulnerability":"VCID-ejhc-6yqt-gkgv"},{"vulnerability":"VCID-evcg-2z3p-gbch"},{"vulnerability":"VCID-h9hz-vur7-kyhg"},{"vulnerability":"VCID-j22f-mbqe-a7dk"},{"vulnerability":"VCID-p2fk-8snj-x7dy"},{"vulnerability":"VCID-psaa-jdr7-e3fm"},{"vulnerability":"VCID-q3p3-tgay-6kcs"},{"vulnerability":"VCID-qpfc-3296-9ub3"},{"vulnerability":"VCID-qsma-2ufh-jybe"},{"vulnerability":"VCID-rdub-9bhg-nbc6"},{"vulnerability":"VCID-rk2f-yqbb-nyd2"},{"vulnerability":"VCID-rt5n-e4wq-p3gh"},{"vulnerability":"VCID-tjgh-waa3-wqgk"},{"vulnerability":"VCID-upju-tcz7-efg1"},{"vulnerability":"VCID-uv8m-bj4c-8fes"},{"vulnerability":"VCID-vv23-mvyn-87hg"},{"vulnerability":"VCID-wd4s-jxuf-skbp"},{"vulnerability":"VCID-wz1m-aeaf-nkg7"},{"vulnerability":"VCID-xqpz-y83m-4uc4"},{"vulnerability":"VCID-ye1t-qhtx-sucm"},{"vulnerability":"VCID-z9rm-9p2q-wfag"},{"vulnerability":"VCID-zkeg-d5d5-vbda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.14.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943263?format=json","purl":"pkg:deb/debian/xen@4.17.5%2B72-g01140da4e8-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qpfc-3296-9ub3"},{"vulnerability":"VCID-upju-tcz7-efg1"},{"vulnerability":"VCID-wx6w-6y5m-fugn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.17.5%252B72-g01140da4e8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943267?format=json","purl":"pkg:deb/debian/xen@4.20.2%2B37-g61ff35323e-0%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qsma-2ufh-jybe"},{"vulnerability":"VCID-wx6w-6y5m-fugn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.20.2%252B37-g61ff35323e-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943266?format=json","purl":"pkg:deb/debian/xen@4.20.2%2B37-g61ff35323e-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qsma-2ufh-jybe"},{"vulnerability":"VCID-wx6w-6y5m-fugn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xen@4.20.2%252B37-g61ff35323e-1%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/127525?format=json","purl":"pkg:rpm/redhat/kernel@2.6.18-238?arch=el5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1kqc-mk8b-qyew"},{"vulnerability":"VCID-4trp-muyy-ufez"},{"vulnerability":"VCID-519v-6b9u-dygr"},{"vulnerability":"VCID-5x5t-fnw6-kqea"},{"vulnerability":"VCID-643a-mvrh-bbap"},{"vulnerability":"VCID-cw6b-qbau-hbh7"},{"vulnerability":"VCID-dnya-sfdj-vbee"},{"vulnerability":"VCID-f744-pabt-7ffu"},{"vulnerability":"VCID-j4jr-x4gq-gyex"},{"vulnerability":"VCID-nq55-xn3b-8qdm"},{"vulnerability":"VCID-nub2-qpm7-n7gv"},{"vulnerability":"VCID-t6vx-kxne-k7bw"},{"vulnerability":"VCID-v72v-tzmz-6kb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kernel@2.6.18-238%3Farch=el5"}],"references":[{"reference_url":"http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.xensource.com/archives/html/xen-devel/2010-11/msg01650.html"},{"reference_url":"http://openwall.com/lists/oss-security/2010/11/30/5","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2010/11/30/5"},{"reference_url":"http://openwall.com/lists/oss-security/2010/11/30/8","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2010/11/30/8"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4255.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4255.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4255","reference_id":"","reference_type":"","scores":[{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74442","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.7432","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74324","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74351","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74358","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74373","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74394","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74374","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74365","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74402","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74411","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74403","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74436","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00819","scoring_system":"epss","scoring_elements":"0.74444","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4255"},{"reference_url":"http://secunia.com/advisories/42884","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42884"},{"reference_url":"http://secunia.com/advisories/46397","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/46397"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0017.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0017.html"},{"reference_url":"http://www.securityfocus.com/archive/1/520102/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/520102/100/0/threaded"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2011-0012.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.vmware.com/security/advisories/VMSA-2011-0012.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609531","reference_id":"609531","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609531"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=658155","reference_id":"658155","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=658155"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:3.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:3.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:4.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:citrix:xen:4.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xen:4.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4255","reference_id":"CVE-2010-4255","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0017","reference_id":"RHSA-2011:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0017"}],"weaknesses":[],"exploits":[],"severity_range_score":"6.1 - 6.1","exploitability":"0.5","weighted_severity":"5.5","risk_score":2.8,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t6vx-kxne-k7bw"}