[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2015-9019":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":177,"aliases":178,"duplicate_of":9,"upstream":179,"downstream":180,"duplicates":193,"related":194,"reserved_at":9,"published_at":199,"modified_at":200,"state":201,"summary":202,"references_raw":211,"kevs":226,"epss":227,"epss_history":230,"metrics":487,"affected":497},"CVE-2015-9019","In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-330","Use of Insufficiently Random Values","The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.","weakness","Stable","Class","High",[20,145,173],{"id":21,"name":22,"techniques":23},"CAPEC-112","Brute Force",[24],{"id":25,"name":22,"tactics":26,"countermeasures":30},"T1110",[27],{"id":28,"name":29},"TA0031","Credential Access",[31,36,40,44,48,52,56,60,64,68,72,76,80,84,89,93,98,103,107,111,115,119,123,127,131,136,141],{"id":32,"name":33,"tactic":34},"D3-CCSA","Credential Compromise Scope Analysis",{"name":35},"Detect",{"id":37,"name":38,"tactic":39},"D3-AEM","Application Exception Monitoring",{"name":35},{"id":41,"name":42,"tactic":43},"D3-OPM","Operational Process Monitoring",{"name":35},{"id":45,"name":46,"tactic":47},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":35},{"id":49,"name":50,"tactic":51},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":35},{"id":53,"name":54,"tactic":55},"D3-CSPP","Client-server Payload Profiling",{"name":35},{"id":57,"name":58,"tactic":59},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":35},{"id":61,"name":62,"tactic":63},"D3-NTSA","Network Traffic Signature Analysis",{"name":35},{"id":65,"name":66,"tactic":67},"D3-APCA","Application Protocol Command Analysis",{"name":35},{"id":69,"name":70,"tactic":71},"D3-NTCD","Network Traffic Community Deviation",{"name":35},{"id":73,"name":74,"tactic":75},"D3-RTSD","Remote Terminal Session Detection",{"name":35},{"id":77,"name":78,"tactic":79},"D3-CAA","Connection Attempt Analysis",{"name":35},{"id":81,"name":82,"tactic":83},"D3-ANAA","Administrative Network Activity Analysis",{"name":35},{"id":85,"name":86,"tactic":87},"D3-CR","Credential Revocation",{"name":88},"Evict",{"id":90,"name":91,"tactic":92},"D3-ANCI","Authentication Cache Invalidation",{"name":88},{"id":94,"name":95,"tactic":96},"D3-DUC","Decoy User Credential",{"name":97},"Deceive",{"id":99,"name":100,"tactic":101},"D3-CH","Credential Hardening",{"name":102},"Harden",{"id":104,"name":105,"tactic":106},"D3-MFA","Multi-factor Authentication",{"name":102},{"id":108,"name":109,"tactic":110},"D3-CRO","Credential Rotation",{"name":102},{"id":112,"name":113,"tactic":114},"D3-PR","Password Rotation",{"name":102},{"id":116,"name":117,"tactic":118},"D3-PWA","Password Authentication",{"name":102},{"id":120,"name":121,"tactic":122},"D3-CDP","Change Default Password",{"name":102},{"id":124,"name":125,"tactic":126},"D3-SPP","Strong Password Policy",{"name":102},{"id":128,"name":129,"tactic":130},"D3-OTP","One-time Password",{"name":102},{"id":132,"name":133,"tactic":134},"D3-RIC","Reissue Credential",{"name":135},"Restore",{"id":137,"name":138,"tactic":139},"D3-CTS","Credential Transmission Scoping",{"name":140},"Isolate",{"id":142,"name":143,"tactic":144},"D3-NTF","Network Traffic Filtering",{"name":140},{"id":146,"name":147,"techniques":148},"CAPEC-485","Signature Spoofing by Key Recreation",[149],{"id":150,"name":151,"tactics":152,"countermeasures":154},"T1552.004","Private Keys",[153],{"id":28,"name":29},[155,157,159,161,163,165,167,169,171],{"id":32,"name":33,"tactic":156},{"name":35},{"id":85,"name":86,"tactic":158},{"name":88},{"id":90,"name":91,"tactic":160},{"name":88},{"id":94,"name":95,"tactic":162},{"name":97},{"id":99,"name":100,"tactic":164},{"name":102},{"id":104,"name":105,"tactic":166},{"name":102},{"id":108,"name":109,"tactic":168},{"name":102},{"id":132,"name":133,"tactic":170},{"name":135},{"id":137,"name":138,"tactic":172},{"name":140},{"id":174,"name":175,"techniques":176},"CAPEC-59","Session Credential Falsification through Prediction",[],[],[],[],[181,183,185,187,189,191],{"_key":182},"SUSE-SU-2017:1282-1",{"_key":184},"SUSE-SU-2017:1313-1",{"_key":186},"OPENSUSE-SU-2024:11017-1",{"_key":188},"MGASA-2017-0169",{"_key":190},"UBUNTU-CVE-2015-9019",{"_key":192},"DEBIAN-CVE-2015-9019",[],[195,196,197,198],{"_key":182},{"_key":184},{"_key":186},{"_key":188},"2017-04-05T21:00:00.000Z","2024-09-16T22:56:40.583Z","Modified",{"cisa_kev":203,"cisa_ransomware":203,"cisa_vendor":9,"epss_severity":204,"epss_score":205,"severity":206,"severity_score":207,"severity_version":208,"severity_source":209,"severity_vector":210,"severity_status":201},false,"low",0.00595,"medium",5.3,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",[212,222],{"url":213,"sources":214,"tags":216},"https://bugzilla.suse.com/show_bug.cgi?id=934119",[215,209],"cve.org",[217,218,219,220,221],"X Refsource MISC","Issue Tracking","Patch","Third Party Advisory","VDB Entry",{"url":223,"sources":224,"tags":225},"https://bugzilla.gnome.org/show_bug.cgi?id=758400",[215,209],[217,218,219,220,221],[],{"date":228,"score":205,"percentile":229},"2026-06-04",0.69699,[231,235,238,241,244,247,250,253,255,258,261,264,267,269,272,275,278,281,284,286,289,292,295,298,301,304,307,309,312,315,318,320,322,324,326,329,332,335,338,341,344,347,350,353,356,359,362,365,368,370,373,375,378,381,384,387,390,393,396,399,402,404,407,410,413,416,419,422,425,428,431,433,436,439,442,445,448,451,453,456,458,461,464,467,470,473,476,479,481,484],{"date":232,"score":233,"percentile":234},"2025-11-04",0.00984,0.76073,{"date":236,"score":233,"percentile":237},"2025-11-05",0.76071,{"date":239,"score":233,"percentile":240},"2025-11-06",0.76068,{"date":242,"score":233,"percentile":243},"2025-11-07",0.76084,{"date":245,"score":233,"percentile":246},"2025-11-08",0.76089,{"date":248,"score":233,"percentile":249},"2025-11-09",0.76085,{"date":251,"score":233,"percentile":252},"2025-11-10",0.76072,{"date":254,"score":233,"percentile":234},"2025-11-11",{"date":256,"score":233,"percentile":257},"2025-11-12",0.76093,{"date":259,"score":233,"percentile":260},"2025-11-13",0.761,{"date":262,"score":233,"percentile":263},"2025-11-14",0.76106,{"date":265,"score":233,"percentile":266},"2025-11-15",0.76102,{"date":268,"score":233,"percentile":266},"2025-11-16",{"date":270,"score":233,"percentile":271},"2025-11-17",0.76094,{"date":273,"score":233,"percentile":274},"2025-11-18",0.74847,{"date":276,"score":233,"percentile":277},"2025-11-19",0.74853,{"date":279,"score":233,"percentile":280},"2025-11-20",0.74861,{"date":282,"score":233,"percentile":283},"2025-11-21",0.76119,{"date":285,"score":233,"percentile":283},"2025-11-22",{"date":287,"score":233,"percentile":288},"2025-11-23",0.76104,{"date":290,"score":233,"percentile":291},"2025-11-24",0.76105,{"date":293,"score":233,"percentile":294},"2025-11-25",0.76112,{"date":296,"score":233,"percentile":297},"2025-11-26",0.76118,{"date":299,"score":233,"percentile":300},"2025-11-27",0.7612,{"date":302,"score":233,"percentile":303},"2025-11-28",0.76108,{"date":305,"score":233,"percentile":306},"2025-11-29",0.76113,{"date":308,"score":233,"percentile":294},"2025-11-30",{"date":310,"score":233,"percentile":311},"2025-12-01",0.76238,{"date":313,"score":233,"percentile":314},"2025-12-02",0.76241,{"date":316,"score":233,"percentile":317},"2025-12-03",0.76231,{"date":319,"score":233,"percentile":288},"2025-12-04",{"date":321,"score":233,"percentile":306},"2025-12-05",{"date":323,"score":233,"percentile":297},"2025-12-06",{"date":325,"score":233,"percentile":306},"2025-12-07",{"date":327,"score":233,"percentile":328},"2025-12-08",0.76117,{"date":330,"score":233,"percentile":331},"2025-12-09",0.76143,{"date":333,"score":233,"percentile":334},"2025-12-10",0.76167,{"date":336,"score":233,"percentile":337},"2025-12-11",0.76186,{"date":339,"score":233,"percentile":340},"2025-12-12",0.76209,{"date":342,"score":233,"percentile":343},"2025-12-13",0.76211,{"date":345,"score":233,"percentile":346},"2025-12-14",0.76206,{"date":348,"score":233,"percentile":349},"2025-12-15",0.76204,{"date":351,"score":233,"percentile":352},"2025-12-16",0.76216,{"date":354,"score":233,"percentile":355},"2025-12-17",0.76227,{"date":357,"score":233,"percentile":358},"2025-12-18",0.76242,{"date":360,"score":233,"percentile":361},"2025-12-19",0.76257,{"date":363,"score":233,"percentile":364},"2025-12-20",0.7625,{"date":366,"score":233,"percentile":367},"2025-12-21",0.76245,{"date":369,"score":233,"percentile":314},"2025-12-22",{"date":371,"score":233,"percentile":372},"2025-12-23",0.7624,{"date":374,"score":233,"percentile":364},"2025-12-24",{"date":376,"score":233,"percentile":377},"2025-12-25",0.76272,{"date":379,"score":233,"percentile":380},"2025-12-26",0.76269,{"date":382,"score":233,"percentile":383},"2025-12-27",0.76323,{"date":385,"score":233,"percentile":386},"2025-12-28",0.76252,{"date":388,"score":233,"percentile":389},"2025-12-29",0.76247,{"date":391,"score":233,"percentile":392},"2025-12-30",0.76258,{"date":394,"score":233,"percentile":395},"2025-12-31",0.7628,{"date":397,"score":233,"percentile":398},"2026-01-01",0.76416,{"date":400,"score":233,"percentile":401},"2026-01-02",0.7642,{"date":403,"score":233,"percentile":401},"2026-01-03",{"date":405,"score":233,"percentile":406},"2026-01-04",0.7629,{"date":408,"score":233,"percentile":409},"2026-01-05",0.76281,{"date":411,"score":233,"percentile":412},"2026-01-06",0.76292,{"date":414,"score":233,"percentile":415},"2026-01-07",0.76303,{"date":417,"score":233,"percentile":418},"2026-01-08",0.76313,{"date":420,"score":233,"percentile":421},"2026-01-09",0.76321,{"date":423,"score":233,"percentile":424},"2026-01-10",0.76322,{"date":426,"score":233,"percentile":427},"2026-01-11",0.76309,{"date":429,"score":233,"percentile":430},"2026-01-12",0.76299,{"date":432,"score":233,"percentile":430},"2026-01-13",{"date":434,"score":233,"percentile":435},"2026-01-14",0.76325,{"date":437,"score":233,"percentile":438},"2026-01-15",0.76331,{"date":440,"score":233,"percentile":441},"2026-01-16",0.76342,{"date":443,"score":233,"percentile":444},"2026-01-17",0.76341,{"date":446,"score":233,"percentile":447},"2026-01-18",0.76334,{"date":449,"score":233,"percentile":450},"2026-01-19",0.7633,{"date":452,"score":233,"percentile":450},"2026-01-20",{"date":454,"score":233,"percentile":455},"2026-01-21",0.76336,{"date":457,"score":233,"percentile":441},"2026-01-22",{"date":459,"score":233,"percentile":460},"2026-01-23",0.76371,{"date":462,"score":233,"percentile":463},"2026-01-24",0.76382,{"date":465,"score":233,"percentile":466},"2026-01-25",0.76368,{"date":468,"score":233,"percentile":469},"2026-01-26",0.76367,{"date":471,"score":233,"percentile":472},"2026-01-27",0.76366,{"date":474,"score":233,"percentile":475},"2026-01-28",0.76375,{"date":477,"score":233,"percentile":478},"2026-01-29",0.7637,{"date":480,"score":233,"percentile":475},"2026-01-30",{"date":482,"score":233,"percentile":483},"2026-01-31",0.76373,{"date":485,"score":233,"percentile":486},"2026-02-01",0.76497,[488],{"source":209,"cvss_v2_0":489,"cvss_v3_0":494,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":490,"baseSeverity":9,"vectorString":491,"impactScore":492,"exploitabilityScore":493},5,"AV:N/AC:L/Au:N/C:P/I:N/A:N",2.9,10,{"baseScore":207,"baseSeverity":495,"vectorString":210,"impactScore":496,"exploitabilityScore":493},"MEDIUM",2.3,[498],{"ecosystem":9,"name":499,"vendor":500,"product":499,"cpe_part":501,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":502},"libxslt","xmlsoft","a",[503],{"version":504,"is_range":505,"range_type":506,"version_start":9,"version_start_type":9,"version_end":507,"version_end_type":508,"fixed_in":9},"lte1.1.29",true,"cpe","1.1.29","including"]