UBUNTU-CVE-2026-25210

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2026-25210
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2026-25210
Upstream
Published
2026-01-30T07:16:00Z
Modified
2026-02-05T20:46:08.077541Z
Severity
  • 6.9 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.

References

Affected packages

Ubuntu:14.04:LTS
xmlrpc-c

Package

Name
xmlrpc-c
Purl
pkg:deb/ubuntu/xmlrpc-c@1.33.06-0ubuntu1?arch=source&distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.16.33-3.2ubuntu3
1.33.06-0ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libxmlrpc-c++8",
            "binary_version": "1.33.06-0ubuntu1"
        },
        {
            "binary_name": "libxmlrpc-c++8-dev",
            "binary_version": "1.33.06-0ubuntu1"
        },
        {
            "binary_name": "libxmlrpc-core-c3",
            "binary_version": "1.33.06-0ubuntu1"
        },
        {
            "binary_name": "libxmlrpc-core-c3-dev",
            "binary_version": "1.33.06-0ubuntu1"
        },
        {
            "binary_name": "xmlrpc-api-utils",
            "binary_version": "1.33.06-0ubuntu1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
Ubuntu:16.04:LTS
ayttm

Package

Name
ayttm
Purl
pkg:deb/ubuntu/ayttm@0.6.3-3build1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.6.3-3build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "ayttm",
            "binary_version": "0.6.3-3build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
cableswig

Package

Name
cableswig
Purl
pkg:deb/ubuntu/cableswig@0.1.0+git20150808-2?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.1.0+git20150808-1
0.1.0+git20150808-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cableswig",
            "binary_version": "0.1.0+git20150808-2"
        },
        {
            "binary_name": "libcableswig-dev",
            "binary_version": "0.1.0+git20150808-2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
cadaver

Package

Name
cadaver
Purl
pkg:deb/ubuntu/cadaver@0.23.3-2ubuntu2?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.23.3-2ubuntu2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cadaver",
            "binary_version": "0.23.3-2ubuntu2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
gdcm

Package

Name
gdcm
Purl
pkg:deb/ubuntu/gdcm@2.6.3-3ubuntu3?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4.4-4
2.4.4-4build1
2.4.4-4ubuntu1
2.6.1-3
2.6.2-1
2.6.2-2
2.6.2-3
2.6.3-1
2.6.3-1ubuntu1
2.6.3-2ubuntu1
2.6.3-3ubuntu1
2.6.3-3ubuntu3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libgdcm-cil",
            "binary_version": "2.6.3-3ubuntu3"
        },
        {
            "binary_name": "libgdcm-java",
            "binary_version": "2.6.3-3ubuntu3"
        },
        {
            "binary_name": "libgdcm-tools",
            "binary_version": "2.6.3-3ubuntu3"
        },
        {
            "binary_name": "libgdcm2-dev",
            "binary_version": "2.6.3-3ubuntu3"
        },
        {
            "binary_name": "libgdcm2.6",
            "binary_version": "2.6.3-3ubuntu3"
        },
        {
            "binary_name": "libvtkgdcm-cil",
            "binary_version": "2.6.3-3ubuntu3"
        },
        {
            "binary_name": "libvtkgdcm-java",
            "binary_version": "2.6.3-3ubuntu3"
        },
        {
            "binary_name": "libvtkgdcm-tools",
            "binary_version": "2.6.3-3ubuntu3"
        },
        {
            "binary_name": "libvtkgdcm2-dev",
            "binary_version": "2.6.3-3ubuntu3"
        },
        {
            "binary_name": "libvtkgdcm2.6",
            "binary_version": "2.6.3-3ubuntu3"
        },
        {
            "binary_name": "python-gdcm",
            "binary_version": "2.6.3-3ubuntu3"
        },
        {
            "binary_name": "python-vtkgdcm",
            "binary_version": "2.6.3-3ubuntu3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
insighttoolkit4

Package

Name
insighttoolkit4
Purl
pkg:deb/ubuntu/insighttoolkit4@4.9.0-4ubuntu1.1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.8.1-1ubuntu3
4.8.1-1ubuntu4
4.8.2-3.1ubuntu1
4.9.0-3ubuntu2
4.9.0-4ubuntu1
4.9.0-4ubuntu1.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "insighttoolkit4-examples",
            "binary_version": "4.9.0-4ubuntu1.1"
        },
        {
            "binary_name": "insighttoolkit4-python",
            "binary_version": "4.9.0-4ubuntu1.1"
        },
        {
            "binary_name": "libinsighttoolkit4-dev",
            "binary_version": "4.9.0-4ubuntu1.1"
        },
        {
            "binary_name": "libinsighttoolkit4.9",
            "binary_version": "4.9.0-4ubuntu1.1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
matanza

Package

Name
matanza
Purl
pkg:deb/ubuntu/matanza@0.13+ds1-5?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.13+ds1-5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "matanza",
            "binary_version": "0.13+ds1-5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
smart

Package

Name
smart
Purl
pkg:deb/ubuntu/smart@1.4-2?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.4-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "python-smartpm",
            "binary_version": "1.4-2"
        },
        {
            "binary_name": "smartpm",
            "binary_version": "1.4-2"
        },
        {
            "binary_name": "smartpm-core",
            "binary_version": "1.4-2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
swish-e

Package

Name
swish-e
Purl
pkg:deb/ubuntu/swish-e@2.4.7-4build1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4.7-4
2.4.7-4build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "swish-e",
            "binary_version": "2.4.7-4build1"
        },
        {
            "binary_name": "swish-e-dev",
            "binary_version": "2.4.7-4build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
tdom

Package

Name
tdom
Purl
pkg:deb/ubuntu/tdom@0.8.3-1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.8.3-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tdom",
            "binary_version": "0.8.3-1"
        },
        {
            "binary_name": "tdom-dev",
            "binary_version": "0.8.3-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
wbxml2

Package

Name
wbxml2
Purl
pkg:deb/ubuntu/wbxml2@0.10.7-1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.10.7-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libwbxml2-0",
            "binary_version": "0.10.7-1"
        },
        {
            "binary_name": "libwbxml2-dev",
            "binary_version": "0.10.7-1"
        },
        {
            "binary_name": "libwbxml2-utils",
            "binary_version": "0.10.7-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
xmlrpc-c

Package

Name
xmlrpc-c
Purl
pkg:deb/ubuntu/xmlrpc-c@1.33.14-1ubuntu1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.33.14-0.2ubuntu3
1.33.14-1ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libxmlrpc-c++8-dev",
            "binary_version": "1.33.14-1ubuntu1"
        },
        {
            "binary_name": "libxmlrpc-c++8v5",
            "binary_version": "1.33.14-1ubuntu1"
        },
        {
            "binary_name": "libxmlrpc-core-c3",
            "binary_version": "1.33.14-1ubuntu1"
        },
        {
            "binary_name": "libxmlrpc-core-c3-dev",
            "binary_version": "1.33.14-1ubuntu1"
        },
        {
            "binary_name": "xmlrpc-api-utils",
            "binary_version": "1.33.14-1ubuntu1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
Ubuntu:18.04:LTS
cadaver

Package

Name
cadaver
Purl
pkg:deb/ubuntu/cadaver@0.23.3-2ubuntu3?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.23.3-2ubuntu3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cadaver",
            "binary_version": "0.23.3-2ubuntu3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
coin3

Package

Name
coin3
Purl
pkg:deb/ubuntu/coin3@3.1.4~abc9f50+dfsg3-2?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.1.4~abc9f50+dfsg1-2
3.1.4~abc9f50+dfsg2-1
3.1.4~abc9f50+dfsg3-1
3.1.4~abc9f50+dfsg3-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libcoin80-dev",
            "binary_version": "3.1.4~abc9f50+dfsg3-2"
        },
        {
            "binary_name": "libcoin80-runtime",
            "binary_version": "3.1.4~abc9f50+dfsg3-2"
        },
        {
            "binary_name": "libcoin80v5",
            "binary_version": "3.1.4~abc9f50+dfsg3-2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
gdcm

Package

Name
gdcm
Purl
pkg:deb/ubuntu/gdcm@2.8.4-1build2?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.8.2-3build1
2.8.3-1
2.8.4-1
2.8.4-1build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libgdcm-cil",
            "binary_version": "2.8.4-1build2"
        },
        {
            "binary_name": "libgdcm-java",
            "binary_version": "2.8.4-1build2"
        },
        {
            "binary_name": "libgdcm-tools",
            "binary_version": "2.8.4-1build2"
        },
        {
            "binary_name": "libgdcm2-dev",
            "binary_version": "2.8.4-1build2"
        },
        {
            "binary_name": "libgdcm2.8",
            "binary_version": "2.8.4-1build2"
        },
        {
            "binary_name": "libvtkgdcm-cil",
            "binary_version": "2.8.4-1build2"
        },
        {
            "binary_name": "libvtkgdcm-java",
            "binary_version": "2.8.4-1build2"
        },
        {
            "binary_name": "libvtkgdcm-tools",
            "binary_version": "2.8.4-1build2"
        },
        {
            "binary_name": "libvtkgdcm2-dev",
            "binary_version": "2.8.4-1build2"
        },
        {
            "binary_name": "libvtkgdcm2.8",
            "binary_version": "2.8.4-1build2"
        },
        {
            "binary_name": "python-gdcm",
            "binary_version": "2.8.4-1build2"
        },
        {
            "binary_name": "python-vtkgdcm",
            "binary_version": "2.8.4-1build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
insighttoolkit4

Package

Name
insighttoolkit4
Purl
pkg:deb/ubuntu/insighttoolkit4@4.12.2-dfsg1-1ubuntu1?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.12.2-dfsg1-1ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "insighttoolkit4-examples",
            "binary_version": "4.12.2-dfsg1-1ubuntu1"
        },
        {
            "binary_name": "insighttoolkit4-python",
            "binary_version": "4.12.2-dfsg1-1ubuntu1"
        },
        {
            "binary_name": "libinsighttoolkit4-dev",
            "binary_version": "4.12.2-dfsg1-1ubuntu1"
        },
        {
            "binary_name": "libinsighttoolkit4.12",
            "binary_version": "4.12.2-dfsg1-1ubuntu1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
matanza

Package

Name
matanza
Purl
pkg:deb/ubuntu/matanza@0.13+ds1-6?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.13+ds1-5build1
0.13+ds1-6

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "matanza",
            "binary_version": "0.13+ds1-6"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
smart

Package

Name
smart
Purl
pkg:deb/ubuntu/smart@1.4-2?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.4-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "python-smartpm",
            "binary_version": "1.4-2"
        },
        {
            "binary_name": "smartpm",
            "binary_version": "1.4-2"
        },
        {
            "binary_name": "smartpm-core",
            "binary_version": "1.4-2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
swish-e

Package

Name
swish-e
Purl
pkg:deb/ubuntu/swish-e@2.4.7-5ubuntu1?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4.7-5ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "swish-e",
            "binary_version": "2.4.7-5ubuntu1"
        },
        {
            "binary_name": "swish-e-dev",
            "binary_version": "2.4.7-5ubuntu1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
tdom

Package

Name
tdom
Purl
pkg:deb/ubuntu/tdom@0.9.0-1?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.8.3-1
0.9.0-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tdom",
            "binary_version": "0.9.0-1"
        },
        {
            "binary_name": "tdom-dev",
            "binary_version": "0.9.0-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
vnc4

Package

Name
vnc4
Purl
pkg:deb/ubuntu/vnc4@4.1.1+xorg4.3.0-37.3ubuntu2?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.1.1+xorg4.3.0-37.3ubuntu2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vnc4server",
            "binary_version": "4.1.1+xorg4.3.0-37.3ubuntu2"
        },
        {
            "binary_name": "xvnc4viewer",
            "binary_version": "4.1.1+xorg4.3.0-37.3ubuntu2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
wbxml2

Package

Name
wbxml2
Purl
pkg:deb/ubuntu/wbxml2@0.10.7-1build1?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.10.7-1
0.10.7-1build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libwbxml2-0",
            "binary_version": "0.10.7-1build1"
        },
        {
            "binary_name": "libwbxml2-dev",
            "binary_version": "0.10.7-1build1"
        },
        {
            "binary_name": "libwbxml2-utils",
            "binary_version": "0.10.7-1build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
xmlrpc-c

Package

Name
xmlrpc-c
Purl
pkg:deb/ubuntu/xmlrpc-c@1.33.14-8build1?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.33.14-7
1.33.14-8
1.33.14-8build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libxmlrpc-c++8-dev",
            "binary_version": "1.33.14-8build1"
        },
        {
            "binary_name": "libxmlrpc-c++8v5",
            "binary_version": "1.33.14-8build1"
        },
        {
            "binary_name": "libxmlrpc-core-c3",
            "binary_version": "1.33.14-8build1"
        },
        {
            "binary_name": "libxmlrpc-core-c3-dev",
            "binary_version": "1.33.14-8build1"
        },
        {
            "binary_name": "xmlrpc-api-utils",
            "binary_version": "1.33.14-8build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
Ubuntu:20.04:LTS
expat

Package

Name
expat
Purl
pkg:deb/ubuntu/expat@2.2.9-1ubuntu0.8?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.2.7-2
2.2.9-1
2.2.9-1build1
2.2.9-1ubuntu0.2
2.2.9-1ubuntu0.4
2.2.9-1ubuntu0.5
2.2.9-1ubuntu0.6
2.2.9-1ubuntu0.7
2.2.9-1ubuntu0.8

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "expat",
            "binary_version": "2.2.9-1ubuntu0.8"
        },
        {
            "binary_name": "libexpat1",
            "binary_version": "2.2.9-1ubuntu0.8"
        },
        {
            "binary_name": "libexpat1-dev",
            "binary_version": "2.2.9-1ubuntu0.8"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
cadaver

Package

Name
cadaver
Purl
pkg:deb/ubuntu/cadaver@0.23.3-2.1build1?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.23.3-2.1build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cadaver",
            "binary_version": "0.23.3-2.1build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
insighttoolkit4

Package

Name
insighttoolkit4
Purl
pkg:deb/ubuntu/insighttoolkit4@4.13.2-dfsg1-8?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.12.2-dfsg1-4.1ubuntu1
4.13.2-dfsg1-1ubuntu1
4.13.2-dfsg1-4ubuntu1
4.13.2-dfsg1-6
4.13.2-dfsg1-6ubuntu1
4.13.2-dfsg1-8

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "insighttoolkit4-examples",
            "binary_version": "4.13.2-dfsg1-8"
        },
        {
            "binary_name": "insighttoolkit4-python3",
            "binary_version": "4.13.2-dfsg1-8"
        },
        {
            "binary_name": "libinsighttoolkit4-dev",
            "binary_version": "4.13.2-dfsg1-8"
        },
        {
            "binary_name": "libinsighttoolkit4.13",
            "binary_version": "4.13.2-dfsg1-8"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
matanza

Package

Name
matanza
Purl
pkg:deb/ubuntu/matanza@0.13+ds2-1?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.13+ds1-6
0.13+ds2-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "matanza",
            "binary_version": "0.13+ds2-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
swish-e

Package

Name
swish-e
Purl
pkg:deb/ubuntu/swish-e@2.4.7-6build2?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4.7-6build1
2.4.7-6build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "swish-e",
            "binary_version": "2.4.7-6build2"
        },
        {
            "binary_name": "swish-e-dev",
            "binary_version": "2.4.7-6build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
tdom

Package

Name
tdom
Purl
pkg:deb/ubuntu/tdom@0.9.1-1?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.1-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tdom",
            "binary_version": "0.9.1-1"
        },
        {
            "binary_name": "tdom-dev",
            "binary_version": "0.9.1-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
wbxml2

Package

Name
wbxml2
Purl
pkg:deb/ubuntu/wbxml2@0.10.7-1build1?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.10.7-1build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libwbxml2-0",
            "binary_version": "0.10.7-1build1"
        },
        {
            "binary_name": "libwbxml2-dev",
            "binary_version": "0.10.7-1build1"
        },
        {
            "binary_name": "libwbxml2-utils",
            "binary_version": "0.10.7-1build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
xmlrpc-c

Package

Name
xmlrpc-c
Purl
pkg:deb/ubuntu/xmlrpc-c@1.33.14-8build2?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.33.14-8build1
1.33.14-8build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libxmlrpc-c++8-dev",
            "binary_version": "1.33.14-8build2"
        },
        {
            "binary_name": "libxmlrpc-c++8v5",
            "binary_version": "1.33.14-8build2"
        },
        {
            "binary_name": "libxmlrpc-core-c3",
            "binary_version": "1.33.14-8build2"
        },
        {
            "binary_name": "libxmlrpc-core-c3-dev",
            "binary_version": "1.33.14-8build2"
        },
        {
            "binary_name": "xmlrpc-api-utils",
            "binary_version": "1.33.14-8build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
Ubuntu:22.04:LTS
cadaver

Package

Name
cadaver
Purl
pkg:deb/ubuntu/cadaver@0.23.3-2.1build1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.23.3-2.1build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cadaver",
            "binary_version": "0.23.3-2.1build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
expat

Package

Name
expat
Purl
pkg:deb/ubuntu/expat@2.4.7-1ubuntu0.6?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4.1-2
2.4.1-3
2.4.2-1
2.4.3-1
2.4.3-2
2.4.4-1
2.4.6-1
2.4.7-1
2.4.7-1ubuntu0.1
2.4.7-1ubuntu0.2
2.4.7-1ubuntu0.3
2.4.7-1ubuntu0.4
2.4.7-1ubuntu0.5
2.4.7-1ubuntu0.6

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "expat",
            "binary_version": "2.4.7-1ubuntu0.6"
        },
        {
            "binary_name": "libexpat1",
            "binary_version": "2.4.7-1ubuntu0.6"
        },
        {
            "binary_name": "libexpat1-dev",
            "binary_version": "2.4.7-1ubuntu0.6"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
insighttoolkit4

Package

Name
insighttoolkit4
Purl
pkg:deb/ubuntu/insighttoolkit4@4.13.3withdata-dfsg2-1ubuntu1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.13.3withdata-dfsg1-4.1
4.13.3withdata-dfsg2-1ubuntu1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "insighttoolkit4-examples",
            "binary_version": "4.13.3withdata-dfsg2-1ubuntu1"
        },
        {
            "binary_name": "libinsighttoolkit4-dev",
            "binary_version": "4.13.3withdata-dfsg2-1ubuntu1"
        },
        {
            "binary_name": "libinsighttoolkit4.13",
            "binary_version": "4.13.3withdata-dfsg2-1ubuntu1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
matanza

Package

Name
matanza
Purl
pkg:deb/ubuntu/matanza@0.13+ds2-1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.13+ds2-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "matanza",
            "binary_version": "0.13+ds2-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
swish-e

Package

Name
swish-e
Purl
pkg:deb/ubuntu/swish-e@2.4.7-6.1build1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4.7-6build3
2.4.7-6.1
2.4.7-6.1build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "swish-e",
            "binary_version": "2.4.7-6.1build1"
        },
        {
            "binary_name": "swish-e-dev",
            "binary_version": "2.4.7-6.1build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
tdom

Package

Name
tdom
Purl
pkg:deb/ubuntu/tdom@0.9.2-1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.2-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tdom",
            "binary_version": "0.9.2-1"
        },
        {
            "binary_name": "tdom-dev",
            "binary_version": "0.9.2-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
wbxml2

Package

Name
wbxml2
Purl
pkg:deb/ubuntu/wbxml2@0.11.7+dfsg-1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.10.7-1build1
0.11.7+dfsg-1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libwbxml2-1",
            "binary_version": "0.11.7+dfsg-1"
        },
        {
            "binary_name": "libwbxml2-dev",
            "binary_version": "0.11.7+dfsg-1"
        },
        {
            "binary_name": "libwbxml2-utils",
            "binary_version": "0.11.7+dfsg-1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
xmlrpc-c

Package

Name
xmlrpc-c
Purl
pkg:deb/ubuntu/xmlrpc-c@1.33.14-10?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.33.14-9
1.33.14-10

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libxmlrpc-c++8-dev",
            "binary_version": "1.33.14-10"
        },
        {
            "binary_name": "libxmlrpc-c++8v5",
            "binary_version": "1.33.14-10"
        },
        {
            "binary_name": "libxmlrpc-core-c3",
            "binary_version": "1.33.14-10"
        },
        {
            "binary_name": "libxmlrpc-core-c3-dev",
            "binary_version": "1.33.14-10"
        },
        {
            "binary_name": "xmlrpc-api-utils",
            "binary_version": "1.33.14-10"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
Ubuntu:24.04:LTS
cadaver

Package

Name
cadaver
Purl
pkg:deb/ubuntu/cadaver@0.24+dfsg-3build2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.24+dfsg-2
0.24+dfsg-3
0.24+dfsg-3build1
0.24+dfsg-3build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cadaver",
            "binary_version": "0.24+dfsg-3build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
expat

Package

Name
expat
Purl
pkg:deb/ubuntu/expat@2.6.1-2ubuntu0.3?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.5.0-2
2.6.0-1
2.6.1-2
2.6.1-2build1
2.6.1-2ubuntu0.1
2.6.1-2ubuntu0.2
2.6.1-2ubuntu0.3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "expat",
            "binary_version": "2.6.1-2ubuntu0.3"
        },
        {
            "binary_name": "libexpat1",
            "binary_version": "2.6.1-2ubuntu0.3"
        },
        {
            "binary_name": "libexpat1-dev",
            "binary_version": "2.6.1-2ubuntu0.3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
matanza

Package

Name
matanza
Purl
pkg:deb/ubuntu/matanza@0.13+ds2-1build2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.13+ds2-1
0.13+ds2-1build1
0.13+ds2-1build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "matanza",
            "binary_version": "0.13+ds2-1build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
swish-e

Package

Name
swish-e
Purl
pkg:deb/ubuntu/swish-e@2.4.7-6.2build3?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4.7-6.2
2.4.7-6.2build1
2.4.7-6.2build2
2.4.7-6.2build3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "swish-e",
            "binary_version": "2.4.7-6.2build3"
        },
        {
            "binary_name": "swish-e-dev",
            "binary_version": "2.4.7-6.2build3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
tdom

Package

Name
tdom
Purl
pkg:deb/ubuntu/tdom@0.9.3-1build1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.3-1
0.9.3-1build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tdom",
            "binary_version": "0.9.3-1build1"
        },
        {
            "binary_name": "tdom-dev",
            "binary_version": "0.9.3-1build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
wbxml2

Package

Name
wbxml2
Purl
pkg:deb/ubuntu/wbxml2@0.11.8+dfsg-3build1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.11.8+dfsg-3
0.11.8+dfsg-3build1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libwbxml2-1",
            "binary_version": "0.11.8+dfsg-3build1"
        },
        {
            "binary_name": "libwbxml2-dev",
            "binary_version": "0.11.8+dfsg-3build1"
        },
        {
            "binary_name": "libwbxml2-utils",
            "binary_version": "0.11.8+dfsg-3build1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
xmlrpc-c

Package

Name
xmlrpc-c
Purl
pkg:deb/ubuntu/xmlrpc-c@1.33.14-12build2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.33.14-11
1.33.14-11.1
1.33.14-12
1.33.14-12build1
1.33.14-12build2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libxmlrpc-c++8-dev",
            "binary_version": "1.33.14-12build2"
        },
        {
            "binary_name": "libxmlrpc-c++8t64",
            "binary_version": "1.33.14-12build2"
        },
        {
            "binary_name": "libxmlrpc-core-c3-dev",
            "binary_version": "1.33.14-12build2"
        },
        {
            "binary_name": "libxmlrpc-core-c3t64",
            "binary_version": "1.33.14-12build2"
        },
        {
            "binary_name": "xmlrpc-api-utils",
            "binary_version": "1.33.14-12build2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
Ubuntu:25.10
cadaver

Package

Name
cadaver
Purl
pkg:deb/ubuntu/cadaver@0.26+dfsg-2?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.26+dfsg-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "cadaver",
            "binary_version": "0.26+dfsg-2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
expat

Package

Name
expat
Purl
pkg:deb/ubuntu/expat@2.7.1-2?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.7.1-1
2.7.1-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "expat",
            "binary_version": "2.7.1-2"
        },
        {
            "binary_name": "libexpat1",
            "binary_version": "2.7.1-2"
        },
        {
            "binary_name": "libexpat1-dev",
            "binary_version": "2.7.1-2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
matanza

Package

Name
matanza
Purl
pkg:deb/ubuntu/matanza@0.13+ds2-2?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.13+ds2-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "matanza",
            "binary_version": "0.13+ds2-2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
swish-e

Package

Name
swish-e
Purl
pkg:deb/ubuntu/swish-e@2.4.7-7?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4.7-6.3
2.4.7-6.3build1
2.4.7-7

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "swish-e",
            "binary_version": "2.4.7-7"
        },
        {
            "binary_name": "swish-e-dev",
            "binary_version": "2.4.7-7"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
tdom

Package

Name
tdom
Purl
pkg:deb/ubuntu/tdom@0.9.5.1-3?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.9.5.1-2
0.9.5.1-3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "tdom",
            "binary_version": "0.9.5.1-3"
        },
        {
            "binary_name": "tdom-dev",
            "binary_version": "0.9.5.1-3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
wbxml2

Package

Name
wbxml2
Purl
pkg:deb/ubuntu/wbxml2@0.11.10+dfsg-2?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*
0.11.10+dfsg-2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libwbxml2-1",
            "binary_version": "0.11.10+dfsg-2"
        },
        {
            "binary_name": "libwbxml2-dev",
            "binary_version": "0.11.10+dfsg-2"
        },
        {
            "binary_name": "libwbxml2-private-dev",
            "binary_version": "0.11.10+dfsg-2"
        },
        {
            "binary_name": "libwbxml2-utils",
            "binary_version": "0.11.10+dfsg-2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
xmlrpc-c

Package

Name
xmlrpc-c
Purl
pkg:deb/ubuntu/xmlrpc-c@1.59.03-10.1?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.59.03-7
1.59.03-9
1.59.03-10
1.59.03-10.1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libxmlrpc-c++9",
            "binary_version": "1.59.03-10.1"
        },
        {
            "binary_name": "libxmlrpc-c++9-dev",
            "binary_version": "1.59.03-10.1"
        },
        {
            "binary_name": "libxmlrpc-core-c3-dev",
            "binary_version": "1.59.03-10.1"
        },
        {
            "binary_name": "libxmlrpc-core-c3t64",
            "binary_version": "1.59.03-10.1"
        },
        {
            "binary_name": "libxmlrpc-util-dev",
            "binary_version": "1.59.03-10.1"
        },
        {
            "binary_name": "libxmlrpc-util4",
            "binary_version": "1.59.03-10.1"
        },
        {
            "binary_name": "xmlrpc-api-utils",
            "binary_version": "1.59.03-10.1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
Ubuntu:Pro:14.04:LTS
coin3

Package

Name
coin3
Purl
pkg:deb/ubuntu/coin3@3.1.4~abc9f50-4ubuntu2+esm1?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.1.4~abc9f50-3
3.1.4~abc9f50-4
3.1.4~abc9f50-4ubuntu2
3.1.4~abc9f50-4ubuntu2+esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libcoin80",
            "binary_version": "3.1.4~abc9f50-4ubuntu2+esm1"
        },
        {
            "binary_name": "libcoin80-dev",
            "binary_version": "3.1.4~abc9f50-4ubuntu2+esm1"
        },
        {
            "binary_name": "libcoin80-runtime",
            "binary_version": "3.1.4~abc9f50-4ubuntu2+esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
expat

Package

Name
expat
Purl
pkg:deb/ubuntu/expat@2.1.0-4ubuntu1.4+esm10?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.1.0-4
2.1.0-4ubuntu1
2.1.0-4ubuntu1.1
2.1.0-4ubuntu1.2
2.1.0-4ubuntu1.3
2.1.0-4ubuntu1.4
2.1.0-4ubuntu1.4+esm1
2.1.0-4ubuntu1.4+esm2
2.1.0-4ubuntu1.4+esm4
2.1.0-4ubuntu1.4+esm6
2.1.0-4ubuntu1.4+esm7
2.1.0-4ubuntu1.4+esm8
2.1.0-4ubuntu1.4+esm9
2.1.0-4ubuntu1.4+esm10

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "expat",
            "binary_version": "2.1.0-4ubuntu1.4+esm10"
        },
        {
            "binary_name": "lib64expat1",
            "binary_version": "2.1.0-4ubuntu1.4+esm10"
        },
        {
            "binary_name": "lib64expat1-dev",
            "binary_version": "2.1.0-4ubuntu1.4+esm10"
        },
        {
            "binary_name": "libexpat1",
            "binary_version": "2.1.0-4ubuntu1.4+esm10"
        },
        {
            "binary_name": "libexpat1-dev",
            "binary_version": "2.1.0-4ubuntu1.4+esm10"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
vnc4

Package

Name
vnc4
Purl
pkg:deb/ubuntu/vnc4@4.1.1+xorg4.3.0-37ubuntu5.0.2+esm1?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.1.1+xorg4.3.0-37ubuntu5
4.1.1+xorg4.3.0-37ubuntu5.0.1
4.1.1+xorg4.3.0-37ubuntu5.0.2
4.1.1+xorg4.3.0-37ubuntu5.0.2+esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vnc4server",
            "binary_version": "4.1.1+xorg4.3.0-37ubuntu5.0.2+esm1"
        },
        {
            "binary_name": "xvnc4viewer",
            "binary_version": "4.1.1+xorg4.3.0-37ubuntu5.0.2+esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
vtk

Package

Name
vtk
Purl
pkg:deb/ubuntu/vtk@5.8.0-14.1ubuntu3+esm1?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*
5.8.0-14ubuntu1
5.8.0-14ubuntu3
5.8.0-14.1ubuntu2
5.8.0-14.1ubuntu3
5.8.0-14.1ubuntu3+esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvtk-java",
            "binary_version": "5.8.0-14.1ubuntu3+esm1"
        },
        {
            "binary_name": "libvtk5-dev",
            "binary_version": "5.8.0-14.1ubuntu3+esm1"
        },
        {
            "binary_name": "libvtk5-qt4-dev",
            "binary_version": "5.8.0-14.1ubuntu3+esm1"
        },
        {
            "binary_name": "libvtk5.8",
            "binary_version": "5.8.0-14.1ubuntu3+esm1"
        },
        {
            "binary_name": "libvtk5.8-qt4",
            "binary_version": "5.8.0-14.1ubuntu3+esm1"
        },
        {
            "binary_name": "python-vtk",
            "binary_version": "5.8.0-14.1ubuntu3+esm1"
        },
        {
            "binary_name": "tcl-vtk",
            "binary_version": "5.8.0-14.1ubuntu3+esm1"
        },
        {
            "binary_name": "vtk-examples",
            "binary_version": "5.8.0-14.1ubuntu3+esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
Ubuntu:Pro:16.04:LTS
expat

Package

Name
expat
Purl
pkg:deb/ubuntu/expat@2.1.0-7ubuntu0.16.04.5+esm11?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.1.0-7
2.1.0-7ubuntu0.16.04.1
2.1.0-7ubuntu0.16.04.2
2.1.0-7ubuntu0.16.04.3
2.1.0-7ubuntu0.16.04.4
2.1.0-7ubuntu0.16.04.5
2.1.0-7ubuntu0.16.04.5+esm2
2.1.0-7ubuntu0.16.04.5+esm5
2.1.0-7ubuntu0.16.04.5+esm6
2.1.0-7ubuntu0.16.04.5+esm7
2.1.0-7ubuntu0.16.04.5+esm8
2.1.0-7ubuntu0.16.04.5+esm9
2.1.0-7ubuntu0.16.04.5+esm10
2.1.0-7ubuntu0.16.04.5+esm11

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "expat",
            "binary_version": "2.1.0-7ubuntu0.16.04.5+esm11"
        },
        {
            "binary_name": "lib64expat1",
            "binary_version": "2.1.0-7ubuntu0.16.04.5+esm11"
        },
        {
            "binary_name": "lib64expat1-dev",
            "binary_version": "2.1.0-7ubuntu0.16.04.5+esm11"
        },
        {
            "binary_name": "libexpat1",
            "binary_version": "2.1.0-7ubuntu0.16.04.5+esm11"
        },
        {
            "binary_name": "libexpat1-dev",
            "binary_version": "2.1.0-7ubuntu0.16.04.5+esm11"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
coin3

Package

Name
coin3
Purl
pkg:deb/ubuntu/coin3@3.1.4~abc9f50+dfsg1-1ubuntu0.1~esm1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.1.4~abc9f50+dfsg1-1
3.1.4~abc9f50+dfsg1-1ubuntu0.1~esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libcoin80-dev",
            "binary_version": "3.1.4~abc9f50+dfsg1-1ubuntu0.1~esm1"
        },
        {
            "binary_name": "libcoin80-runtime",
            "binary_version": "3.1.4~abc9f50+dfsg1-1ubuntu0.1~esm1"
        },
        {
            "binary_name": "libcoin80v5",
            "binary_version": "3.1.4~abc9f50+dfsg1-1ubuntu0.1~esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
libxmltok

Package

Name
libxmltok
Purl
pkg:deb/ubuntu/libxmltok@1.2-3ubuntu0.16.04.1~esm5?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.2-3build3
1.2-3ubuntu0.16.04.1~esm1
1.2-3ubuntu0.16.04.1~esm2
1.2-3ubuntu0.16.04.1~esm3
1.2-3ubuntu0.16.04.1~esm4
1.2-3ubuntu0.16.04.1~esm5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libxmltok1",
            "binary_version": "1.2-3ubuntu0.16.04.1~esm5"
        },
        {
            "binary_name": "libxmltok1-dev",
            "binary_version": "1.2-3ubuntu0.16.04.1~esm5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
vnc4

Package

Name
vnc4
Purl
pkg:deb/ubuntu/vnc4@4.1.1+xorg4.3.0-37.3ubuntu2.1+esm1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.1.1+xorg4.3.0-37.3ubuntu2
4.1.1+xorg4.3.0-37.3ubuntu2.1+esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "vnc4server",
            "binary_version": "4.1.1+xorg4.3.0-37.3ubuntu2.1+esm1"
        },
        {
            "binary_name": "xvnc4viewer",
            "binary_version": "4.1.1+xorg4.3.0-37.3ubuntu2.1+esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
vtk

Package

Name
vtk
Purl
pkg:deb/ubuntu/vtk@5.10.1+dfsg-2.1ubuntu0.1~esm1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*
5.10.1+dfsg-2
5.10.1+dfsg-2build3
5.10.1+dfsg-2.1build1
5.10.1+dfsg-2.1ubuntu0.1~esm1

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libvtk-java",
            "binary_version": "5.10.1+dfsg-2.1ubuntu0.1~esm1"
        },
        {
            "binary_name": "libvtk5-dev",
            "binary_version": "5.10.1+dfsg-2.1ubuntu0.1~esm1"
        },
        {
            "binary_name": "libvtk5-qt4-dev",
            "binary_version": "5.10.1+dfsg-2.1ubuntu0.1~esm1"
        },
        {
            "binary_name": "libvtk5.10",
            "binary_version": "5.10.1+dfsg-2.1ubuntu0.1~esm1"
        },
        {
            "binary_name": "libvtk5.10-qt4",
            "binary_version": "5.10.1+dfsg-2.1ubuntu0.1~esm1"
        },
        {
            "binary_name": "python-vtk",
            "binary_version": "5.10.1+dfsg-2.1ubuntu0.1~esm1"
        },
        {
            "binary_name": "tcl-vtk",
            "binary_version": "5.10.1+dfsg-2.1ubuntu0.1~esm1"
        },
        {
            "binary_name": "vtk-examples",
            "binary_version": "5.10.1+dfsg-2.1ubuntu0.1~esm1"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
Ubuntu:Pro:18.04:LTS
expat

Package

Name
expat
Purl
pkg:deb/ubuntu/expat@2.2.5-3ubuntu0.9+esm2?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.2.3-1
2.2.3-2
2.2.5-0ubuntu2
2.2.5-3
2.2.5-3ubuntu0.1
2.2.5-3ubuntu0.2
2.2.5-3ubuntu0.4
2.2.5-3ubuntu0.7
2.2.5-3ubuntu0.8
2.2.5-3ubuntu0.9
2.2.5-3ubuntu0.9+esm1
2.2.5-3ubuntu0.9+esm2

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "expat",
            "binary_version": "2.2.5-3ubuntu0.9+esm2"
        },
        {
            "binary_name": "libexpat1",
            "binary_version": "2.2.5-3ubuntu0.9+esm2"
        },
        {
            "binary_name": "libexpat1-dev",
            "binary_version": "2.2.5-3ubuntu0.9+esm2"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
libxmltok

Package

Name
libxmltok
Purl
pkg:deb/ubuntu/libxmltok@1.2-4ubuntu0.18.04.1~esm5?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.2-4
1.2-4ubuntu0.18.04.1~esm1
1.2-4ubuntu0.18.04.1~esm2
1.2-4ubuntu0.18.04.1~esm3
1.2-4ubuntu0.18.04.1~esm4
1.2-4ubuntu0.18.04.1~esm5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libxmltok1",
            "binary_version": "1.2-4ubuntu0.18.04.1~esm5"
        },
        {
            "binary_name": "libxmltok1-dev",
            "binary_version": "1.2-4ubuntu0.18.04.1~esm5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
Ubuntu:Pro:20.04:LTS
libxmltok

Package

Name
libxmltok
Purl
pkg:deb/ubuntu/libxmltok@1.2-4ubuntu0.20.04.1~esm5?arch=source&distro=esm-apps/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.2-4
1.2-4ubuntu0.20.04.1~esm1
1.2-4ubuntu0.20.04.1~esm2
1.2-4ubuntu0.20.04.1~esm3
1.2-4ubuntu0.20.04.1~esm4
1.2-4ubuntu0.20.04.1~esm5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libxmltok1",
            "binary_version": "1.2-4ubuntu0.20.04.1~esm5"
        },
        {
            "binary_name": "libxmltok1-dev",
            "binary_version": "1.2-4ubuntu0.20.04.1~esm5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
Ubuntu:Pro:22.04:LTS
libxmltok

Package

Name
libxmltok
Purl
pkg:deb/ubuntu/libxmltok@1.2-4ubuntu0.22.04.1~esm5?arch=source&distro=esm-apps/jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.2-4
1.2-4ubuntu0.22.04.1~esm1
1.2-4ubuntu0.22.04.1~esm2
1.2-4ubuntu0.22.04.1~esm3
1.2-4ubuntu0.22.04.1~esm4
1.2-4ubuntu0.22.04.1~esm5

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libxmltok1",
            "binary_version": "1.2-4ubuntu0.22.04.1~esm5"
        },
        {
            "binary_name": "libxmltok1-dev",
            "binary_version": "1.2-4ubuntu0.22.04.1~esm5"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"
Ubuntu:Pro:24.04:LTS
libxmltok

Package

Name
libxmltok
Purl
pkg:deb/ubuntu/libxmltok@1.2-4.1ubuntu2.24.0.4.1+esm3?arch=source&distro=esm-apps/noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.2-4ubuntu1
1.2-4.1ubuntu1
1.2-4.1ubuntu2
1.2-4.1ubuntu2.24.0.4.1+esm1
1.2-4.1ubuntu2.24.0.4.1+esm2
1.2-4.1ubuntu2.24.0.4.1+esm3

Ecosystem specific 

{
    "binaries": [
        {
            "binary_name": "libxmltok1-dev",
            "binary_version": "1.2-4.1ubuntu2.24.0.4.1+esm3"
        },
        {
            "binary_name": "libxmltok1t64",
            "binary_version": "1.2-4.1ubuntu2.24.0.4.1+esm3"
        }
    ]
}

Database specific

source 
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-25210.json"