Automated analysis has detected that the following third party packages have had vulnerabilities publicly reported. 

NOTE: There may be several bugs listed below - in almost all cases, all bugs can be quickly addressed by upgrading to the latest version of the package.

Package Name: libxml
Package Version: [cpe:/a:xmlsoft:libxml2:2.7.7]

Advisory: CVE-2016-9596
  Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-9596
  CVSS severity score: 4.3/10.0
  Confidence: high
  Description:

libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627.
Advisory: CVE-2016-9598
  Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-9598
  CVSS severity score: 4.3/10.0
  Confidence: high
  Description:

libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted XML document. NOTE: this vulnerability exists because of a missing fix for CVE-2016-4483.