[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2017-7375":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":41,"related":42,"reserved_at":9,"published_at":45,"modified_at":46,"state":47,"summary":48,"references_raw":57,"kevs":101,"epss":102,"epss_history":105,"metrics":377,"affected":390},"CVE-2017-7375","A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-611","Improper Restriction of XML External Entity Reference","The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-221","Data Serialization External Entities Blowup",[],[],[],[],[27,29,31,33,35,37,39],{"_key":28},"SUSE-SU-2017:1813-1",{"_key":30},"DLA-1008-1",{"_key":32},"DSA-3952-1",{"_key":34},"MGASA-2018-0048",{"_key":36},"UBUNTU-CVE-2017-7375",{"_key":38},"USN-3424-1",{"_key":40},"DEBIAN-CVE-2017-7375",[],[43,44],{"_key":28},{"_key":34},"2018-02-19T19:00:00.000Z","2025-12-03T21:49:54.271Z","Modified",{"cisa_kev":49,"cisa_ransomware":49,"cisa_vendor":9,"epss_severity":50,"epss_score":51,"severity":52,"severity_score":53,"severity_version":54,"severity_source":55,"severity_vector":56,"severity_status":47},false,"low",0.00443,"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[58,66,70,76,82,87,91,96],{"url":59,"sources":60,"tags":62},"https://android.googlesource.com/platform/external/libxml2/+/308396a55280f69ad4112d4f9892f4cbeff042aa",[55,61],"nvd",[63,64,65],"X Refsource CONFIRM","Patch","Third Party Advisory",{"url":67,"sources":68,"tags":69},"https://source.android.com/security/bulletin/2017-06-01",[55,61],[63,64,65],{"url":71,"sources":72,"tags":73},"https://www.debian.org/security/2017/dsa-3952",[55,61],[74,75,65],"Vendor Advisory","X Refsource DEBIAN",{"url":77,"sources":78,"tags":79},"http://www.securityfocus.com/bid/98877",[55,61],[80,81,65],"VDB Entry","X Refsource BID",{"url":83,"sources":84,"tags":85},"https://security.gentoo.org/glsa/201711-01",[55,61],[74,86,65],"X Refsource GENTOO",{"url":88,"sources":89,"tags":90},"https://git.gnome.org/browse/libxml2/commit/?id=90ccb58242866b0ba3edbef8fe44214a101c2b3e",[55,61],[63,64,65],{"url":92,"sources":93,"tags":94},"https://bugzilla.redhat.com/show_bug.cgi?id=1462203",[55,61],[63,95,64,65],"Issue Tracking",{"url":97,"sources":98,"tags":99},"http://www.securitytracker.com/id/1038623",[55,61],[80,100,65],"X Refsource SECTRACK",[],{"date":103,"score":51,"percentile":104},"2026-06-04",0.63626,[106,110,113,116,119,122,125,128,131,133,136,139,142,145,148,152,155,158,161,164,167,170,173,176,179,182,185,188,190,193,196,200,203,206,209,212,215,218,221,224,227,230,233,236,239,243,246,250,253,256,259,262,265,268,271,274,277,280,283,286,290,293,296,299,302,305,308,311,314,317,320,323,326,328,331,334,337,340,343,345,348,351,353,356,359,362,365,368,371,374],{"date":107,"score":108,"percentile":109},"2025-11-04",0.00275,0.50627,{"date":111,"score":108,"percentile":112},"2025-11-05",0.50611,{"date":114,"score":108,"percentile":115},"2025-11-06",0.5063,{"date":117,"score":108,"percentile":118},"2025-11-07",0.50653,{"date":120,"score":108,"percentile":121},"2025-11-08",0.50654,{"date":123,"score":108,"percentile":124},"2025-11-09",0.50642,{"date":126,"score":108,"percentile":127},"2025-11-10",0.50612,{"date":129,"score":108,"percentile":130},"2025-11-11",0.50629,{"date":132,"score":108,"percentile":121},"2025-11-12",{"date":134,"score":108,"percentile":135},"2025-11-13",0.50659,{"date":137,"score":108,"percentile":138},"2025-11-14",0.50666,{"date":140,"score":108,"percentile":141},"2025-11-15",0.50658,{"date":143,"score":108,"percentile":144},"2025-11-16",0.50637,{"date":146,"score":108,"percentile":147},"2025-11-17",0.50614,{"date":149,"score":150,"percentile":151},"2025-11-18",0.01742,0.81019,{"date":153,"score":150,"percentile":154},"2025-11-19",0.81021,{"date":156,"score":150,"percentile":157},"2025-11-20",0.81024,{"date":159,"score":108,"percentile":160},"2025-11-21",0.50624,{"date":162,"score":108,"percentile":163},"2025-11-22",0.50617,{"date":165,"score":108,"percentile":166},"2025-11-23",0.50578,{"date":168,"score":108,"percentile":169},"2025-11-24",0.50572,{"date":171,"score":108,"percentile":172},"2025-11-25",0.5058,{"date":174,"score":108,"percentile":175},"2025-11-26",0.50579,{"date":177,"score":108,"percentile":178},"2025-11-27",0.50585,{"date":180,"score":108,"percentile":181},"2025-11-28",0.50549,{"date":183,"score":108,"percentile":184},"2025-11-29",0.50529,{"date":186,"score":108,"percentile":187},"2025-11-30",0.50517,{"date":189,"score":108,"percentile":138},"2025-12-01",{"date":191,"score":108,"percentile":192},"2025-12-02",0.50686,{"date":194,"score":108,"percentile":195},"2025-12-03",0.50681,{"date":197,"score":198,"percentile":199},"2025-12-04",0.0024,0.47095,{"date":201,"score":198,"percentile":202},"2025-12-05",0.47117,{"date":204,"score":198,"percentile":205},"2025-12-06",0.47115,{"date":207,"score":198,"percentile":208},"2025-12-07",0.471,{"date":210,"score":198,"percentile":211},"2025-12-08",0.47106,{"date":213,"score":198,"percentile":214},"2025-12-09",0.47137,{"date":216,"score":198,"percentile":217},"2025-12-10",0.472,{"date":219,"score":198,"percentile":220},"2025-12-11",0.47224,{"date":222,"score":198,"percentile":223},"2025-12-12",0.4725,{"date":225,"score":198,"percentile":226},"2025-12-13",0.47232,{"date":228,"score":198,"percentile":229},"2025-12-14",0.47217,{"date":231,"score":198,"percentile":232},"2025-12-15",0.47198,{"date":234,"score":198,"percentile":235},"2025-12-16",0.47212,{"date":237,"score":198,"percentile":238},"2025-12-17",0.47237,{"date":240,"score":241,"percentile":242},"2025-12-18",0.00258,0.49023,{"date":244,"score":241,"percentile":245},"2025-12-19",0.49033,{"date":247,"score":248,"percentile":249},"2025-12-20",0.00262,0.49399,{"date":251,"score":248,"percentile":252},"2025-12-21",0.4937,{"date":254,"score":248,"percentile":255},"2025-12-22",0.49358,{"date":257,"score":248,"percentile":258},"2025-12-23",0.49354,{"date":260,"score":248,"percentile":261},"2025-12-24",0.49365,{"date":263,"score":248,"percentile":264},"2025-12-25",0.49418,{"date":266,"score":248,"percentile":267},"2025-12-26",0.49407,{"date":269,"score":248,"percentile":270},"2025-12-27",0.49425,{"date":272,"score":248,"percentile":273},"2025-12-28",0.49349,{"date":275,"score":248,"percentile":276},"2025-12-29",0.49333,{"date":278,"score":248,"percentile":279},"2025-12-30",0.49328,{"date":281,"score":248,"percentile":282},"2025-12-31",0.49367,{"date":284,"score":248,"percentile":285},"2026-01-01",0.49533,{"date":287,"score":288,"percentile":289},"2026-01-02",0.00255,0.48807,{"date":291,"score":288,"percentile":292},"2026-01-03",0.48795,{"date":294,"score":288,"percentile":295},"2026-01-04",0.48617,{"date":297,"score":288,"percentile":298},"2026-01-05",0.48602,{"date":300,"score":288,"percentile":301},"2026-01-06",0.48607,{"date":303,"score":288,"percentile":304},"2026-01-07",0.48625,{"date":306,"score":288,"percentile":307},"2026-01-08",0.48647,{"date":309,"score":288,"percentile":310},"2026-01-09",0.48621,{"date":312,"score":288,"percentile":313},"2026-01-10",0.48615,{"date":315,"score":288,"percentile":316},"2026-01-11",0.48597,{"date":318,"score":288,"percentile":319},"2026-01-12",0.48555,{"date":321,"score":288,"percentile":322},"2026-01-13",0.48529,{"date":324,"score":288,"percentile":325},"2026-01-14",0.48574,{"date":327,"score":288,"percentile":325},"2026-01-15",{"date":329,"score":288,"percentile":330},"2026-01-16",0.48596,{"date":332,"score":288,"percentile":333},"2026-01-17",0.48572,{"date":335,"score":288,"percentile":336},"2026-01-18",0.48544,{"date":338,"score":288,"percentile":339},"2026-01-19",0.4852,{"date":341,"score":288,"percentile":342},"2026-01-20",0.48519,{"date":344,"score":288,"percentile":339},"2026-01-21",{"date":346,"score":288,"percentile":347},"2026-01-22",0.48524,{"date":349,"score":288,"percentile":350},"2026-01-23",0.48569,{"date":352,"score":288,"percentile":333},"2026-01-24",{"date":354,"score":288,"percentile":355},"2026-01-25",0.48521,{"date":357,"score":288,"percentile":358},"2026-01-26",0.4849,{"date":360,"score":288,"percentile":361},"2026-01-27",0.48495,{"date":363,"score":288,"percentile":364},"2026-01-28",0.48506,{"date":366,"score":288,"percentile":367},"2026-01-29",0.48496,{"date":369,"score":288,"percentile":370},"2026-01-30",0.48505,{"date":372,"score":288,"percentile":373},"2026-01-31",0.48512,{"date":375,"score":288,"percentile":376},"2026-02-01",0.48655,[378,382],{"source":55,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":379,"cvss_v4_0":9},{"baseScore":53,"baseSeverity":380,"vectorString":56,"impactScore":53,"exploitabilityScore":381},"CRITICAL",10,{"source":61,"cvss_v2_0":383,"cvss_v3_0":387,"cvss_v3_1":389,"cvss_v4_0":9},{"baseScore":384,"baseSeverity":9,"vectorString":385,"impactScore":386,"exploitabilityScore":381},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,{"baseScore":53,"baseSeverity":380,"vectorString":388,"impactScore":53,"exploitabilityScore":381},"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",{"baseScore":53,"baseSeverity":380,"vectorString":56,"impactScore":53,"exploitabilityScore":381},[391,404,425],{"ecosystem":9,"name":392,"vendor":393,"product":394,"cpe_part":395,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":396},"debian linux","debian","debian_linux","o",[397,400,402],{"version":398,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0","cpe",{"version":401,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0",{"version":403,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":405,"vendor":406,"product":407,"cpe_part":408,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":409},"Android","google","android","a",[410,412,414,416,418,420,421,423],{"version":411,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.4.4",{"version":413,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.0.2",{"version":415,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.1.1",{"version":417,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0",{"version":419,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.0.1",{"version":398,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":422,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.1.1",{"version":424,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.1.2",{"ecosystem":9,"name":426,"vendor":427,"product":426,"cpe_part":408,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":428},"libxml2","xmlsoft",[429,434,436],{"version":430,"is_range":431,"range_type":399,"version_start":9,"version_start_type":9,"version_end":432,"version_end_type":433,"fixed_in":9},"lte2.9.4",true,"2.9.4","including",{"version":435,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.9.4:rc1",{"version":437,"is_range":49,"range_type":399,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.9.4:rc2"]