[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2017-9049":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":33,"duplicate_of":9,"upstream":34,"downstream":35,"duplicates":58,"related":59,"reserved_at":9,"published_at":66,"modified_at":67,"state":68,"summary":69,"references_raw":77,"kevs":113,"epss":114,"epss_history":117,"metrics":392,"affected":406},"CVE-2017-9049","libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[24],{"_key":25,"name":26,"source":27,"url":28,"maturity":29,"reliability_score":30,"verified":31,"type":9,"platforms":32,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_E9F80E59CAF434D8","Exploit Reference (openwall.com)","reference","http://www.openwall.com/lists/oss-security/2017/05/15/1","unknown",0.2,false,[],[],[],[36,38,40,42,44,46,48,50,52,54,56],{"_key":37},"SUSE-SU-2017:1454-1",{"_key":39},"SUSE-SU-2017:1538-1",{"_key":41},"SUSE-SU-2017:1557-1",{"_key":43},"SUSE-SU-2017:1587-1",{"_key":45},"OPENSUSE-SU-2024:11016-1",{"_key":47},"DLA-1008-1",{"_key":49},"DSA-3952-1",{"_key":51},"MGASA-2018-0048",{"_key":53},"UBUNTU-CVE-2017-9049",{"_key":55},"USN-3424-1",{"_key":57},"DEBIAN-CVE-2017-9049",[],[60,61,62,63,64,65],{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":51},"2017-05-18T06:13:00.000Z","2025-12-18T14:20:32.345Z","Modified",{"cisa_kev":31,"cisa_ransomware":31,"cisa_vendor":9,"epss_severity":70,"epss_score":71,"severity":72,"severity_score":73,"severity_version":74,"severity_source":75,"severity_vector":76,"severity_status":68},"low",0.00458,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[78,85,90,98,104,109],{"url":79,"sources":80,"tags":82},"http://www.debian.org/security/2017/dsa-3952",[75,81],"nvd",[83,84],"Vendor Advisory","X Refsource DEBIAN",{"url":86,"sources":87,"tags":88},"https://security.gentoo.org/glsa/201711-01",[75,81],[83,89],"X Refsource GENTOO",{"url":28,"sources":91,"tags":92},[75,81],[93,94,95,96,97],"X Refsource MISC","Exploit","Mailing List","Patch","Third Party Advisory",{"url":99,"sources":100,"tags":101},"http://www.securityfocus.com/bid/98601",[75,81],[102,103,97],"VDB Entry","X Refsource BID",{"url":105,"sources":106,"tags":107},"https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E",[75,81],[95,108],"X Refsource MLIST",{"url":110,"sources":111,"tags":112},"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E",[75,81],[95,108],[],{"date":115,"score":71,"percentile":116},"2026-06-04",0.64318,[118,122,125,128,131,135,139,142,145,148,151,154,158,161,164,168,171,174,178,182,185,188,191,193,196,199,202,205,208,211,214,217,220,223,226,228,231,234,237,240,243,245,248,250,253,256,260,264,267,270,273,277,280,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,327,330,333,336,339,342,345,348,351,354,356,359,362,365,368,371,374,377,380,383,386,389],{"date":119,"score":120,"percentile":121},"2025-11-04",0.00438,0.62288,{"date":123,"score":120,"percentile":124},"2025-11-05",0.62275,{"date":126,"score":120,"percentile":127},"2025-11-06",0.62284,{"date":129,"score":120,"percentile":130},"2025-11-07",0.62302,{"date":132,"score":133,"percentile":134},"2025-11-08",0.0046,0.63306,{"date":136,"score":137,"percentile":138},"2025-11-09",0.00516,0.65765,{"date":140,"score":137,"percentile":141},"2025-11-10",0.65755,{"date":143,"score":137,"percentile":144},"2025-11-11",0.65763,{"date":146,"score":137,"percentile":147},"2025-11-12",0.65785,{"date":149,"score":137,"percentile":150},"2025-11-13",0.65795,{"date":152,"score":137,"percentile":153},"2025-11-14",0.65803,{"date":155,"score":156,"percentile":157},"2025-11-15",0.00359,0.57383,{"date":159,"score":156,"percentile":160},"2025-11-16",0.57366,{"date":162,"score":156,"percentile":163},"2025-11-17",0.57363,{"date":165,"score":166,"percentile":167},"2025-11-18",0.00958,0.745,{"date":169,"score":166,"percentile":170},"2025-11-19",0.74508,{"date":172,"score":166,"percentile":173},"2025-11-20",0.74516,{"date":175,"score":176,"percentile":177},"2025-11-21",0.00308,0.53537,{"date":179,"score":180,"percentile":181},"2025-11-22",0.00391,0.59413,{"date":183,"score":180,"percentile":184},"2025-11-23",0.59389,{"date":186,"score":180,"percentile":187},"2025-11-24",0.59386,{"date":189,"score":180,"percentile":190},"2025-11-25",0.59392,{"date":192,"score":180,"percentile":190},"2025-11-26",{"date":194,"score":180,"percentile":195},"2025-11-27",0.59399,{"date":197,"score":180,"percentile":198},"2025-11-28",0.59374,{"date":200,"score":180,"percentile":201},"2025-11-29",0.5935,{"date":203,"score":180,"percentile":204},"2025-11-30",0.59338,{"date":206,"score":180,"percentile":207},"2025-12-01",0.59484,{"date":209,"score":180,"percentile":210},"2025-12-02",0.59496,{"date":212,"score":180,"percentile":213},"2025-12-03",0.595,{"date":215,"score":180,"percentile":216},"2025-12-04",0.59336,{"date":218,"score":156,"percentile":219},"2025-12-05",0.57317,{"date":221,"score":156,"percentile":222},"2025-12-06",0.57316,{"date":224,"score":156,"percentile":225},"2025-12-07",0.57314,{"date":227,"score":156,"percentile":225},"2025-12-08",{"date":229,"score":156,"percentile":230},"2025-12-09",0.57339,{"date":232,"score":156,"percentile":233},"2025-12-10",0.57394,{"date":235,"score":156,"percentile":236},"2025-12-11",0.5742,{"date":238,"score":156,"percentile":239},"2025-12-12",0.57444,{"date":241,"score":156,"percentile":242},"2025-12-13",0.57442,{"date":244,"score":156,"percentile":239},"2025-12-14",{"date":246,"score":156,"percentile":247},"2025-12-15",0.57428,{"date":249,"score":156,"percentile":242},"2025-12-16",{"date":251,"score":156,"percentile":252},"2025-12-17",0.57454,{"date":254,"score":176,"percentile":255},"2025-12-18",0.53636,{"date":257,"score":258,"percentile":259},"2025-12-19",0.00394,0.59686,{"date":261,"score":262,"percentile":263},"2025-12-20",0.00405,0.60384,{"date":265,"score":262,"percentile":266},"2025-12-21",0.6037,{"date":268,"score":262,"percentile":269},"2025-12-22",0.60364,{"date":271,"score":262,"percentile":272},"2025-12-23",0.60377,{"date":274,"score":275,"percentile":276},"2025-12-24",0.00471,0.63947,{"date":278,"score":275,"percentile":279},"2025-12-25",0.63972,{"date":281,"score":275,"percentile":279},"2025-12-26",{"date":283,"score":275,"percentile":284},"2025-12-27",0.64016,{"date":286,"score":275,"percentile":287},"2025-12-28",0.63949,{"date":289,"score":275,"percentile":290},"2025-12-29",0.63937,{"date":292,"score":275,"percentile":293},"2025-12-30",0.63954,{"date":295,"score":275,"percentile":296},"2025-12-31",0.63979,{"date":298,"score":275,"percentile":299},"2026-01-01",0.64168,{"date":301,"score":275,"percentile":302},"2026-01-02",0.64154,{"date":304,"score":275,"percentile":305},"2026-01-03",0.64153,{"date":307,"score":275,"percentile":308},"2026-01-04",0.63977,{"date":310,"score":275,"percentile":311},"2026-01-05",0.63971,{"date":313,"score":71,"percentile":314},"2026-01-06",0.63387,{"date":316,"score":71,"percentile":317},"2026-01-07",0.63407,{"date":319,"score":71,"percentile":320},"2026-01-08",0.63429,{"date":322,"score":71,"percentile":323},"2026-01-09",0.63432,{"date":325,"score":71,"percentile":326},"2026-01-10",0.63428,{"date":328,"score":71,"percentile":329},"2026-01-11",0.63417,{"date":331,"score":71,"percentile":332},"2026-01-12",0.63398,{"date":334,"score":71,"percentile":335},"2026-01-13",0.63395,{"date":337,"score":71,"percentile":338},"2026-01-14",0.63435,{"date":340,"score":71,"percentile":341},"2026-01-15",0.63453,{"date":343,"score":71,"percentile":344},"2026-01-16",0.63471,{"date":346,"score":71,"percentile":347},"2026-01-17",0.6346,{"date":349,"score":71,"percentile":350},"2026-01-18",0.63452,{"date":352,"score":71,"percentile":353},"2026-01-19",0.6344,{"date":355,"score":71,"percentile":341},"2026-01-20",{"date":357,"score":71,"percentile":358},"2026-01-21",0.63457,{"date":360,"score":71,"percentile":361},"2026-01-22",0.63464,{"date":363,"score":71,"percentile":364},"2026-01-23",0.63496,{"date":366,"score":71,"percentile":367},"2026-01-24",0.63502,{"date":369,"score":71,"percentile":370},"2026-01-25",0.63466,{"date":372,"score":71,"percentile":373},"2026-01-26",0.63454,{"date":375,"score":71,"percentile":376},"2026-01-27",0.63465,{"date":378,"score":71,"percentile":379},"2026-01-28",0.63475,{"date":381,"score":71,"percentile":382},"2026-01-29",0.63472,{"date":384,"score":71,"percentile":385},"2026-01-30",0.63476,{"date":387,"score":71,"percentile":388},"2026-01-31",0.6348,{"date":390,"score":71,"percentile":391},"2026-02-01",0.63625,[393,398],{"source":75,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":394,"cvss_v4_0":9},{"baseScore":73,"baseSeverity":395,"vectorString":76,"impactScore":396,"exploitabilityScore":397},"HIGH",6,10,{"source":81,"cvss_v2_0":399,"cvss_v3_0":403,"cvss_v3_1":405,"cvss_v4_0":9},{"baseScore":400,"baseSeverity":9,"vectorString":401,"impactScore":402,"exploitabilityScore":397},5,"AV:N/AC:L/Au:N/C:N/I:N/A:P",2.9,{"baseScore":73,"baseSeverity":395,"vectorString":404,"impactScore":396,"exploitabilityScore":397},"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",{"baseScore":73,"baseSeverity":395,"vectorString":76,"impactScore":396,"exploitabilityScore":397},[407],{"ecosystem":9,"name":408,"vendor":409,"product":408,"cpe_part":410,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":411},"libxml2","xmlsoft","a",[412],{"version":413,"is_range":31,"range_type":414,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.9.4","cpe"]