Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/php@4.3.9-3.22?arch=15

Type rpm

Namespace redhat

Name php

Version 4.3.9-3.22

Qualifiers

arch	15

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-21m2-srah-5fcn

vulnerability_id

VCID-21m2-srah-5fcn

summary

PHP contains several vulnerabilities including buffer and integer overflows
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://bugs.gentoo.org/show_bug.cgi?id=234102
reference_id
reference_type
scores
url	http://bugs.gentoo.org/show_bug.cgi?id=234102

reference_url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00006.html

reference_url	http://marc.info/?l=bugtraq&m=123376588623823&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=123376588623823&w=2

reference_url	http://marc.info/?l=bugtraq&m=125631037611762&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=125631037611762&w=2

reference_url	http://news.php.net/php.cvs/51219
reference_id
reference_type
scores
url	http://news.php.net/php.cvs/51219

reference_url	http://osvdb.org/47484
reference_id
reference_type
scores
url	http://osvdb.org/47484

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3658.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3658.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3658

reference_id

reference_type

scores

value	0.10745
scoring_system	epss
scoring_elements	0.93363
published_at	2026-04-21T12:55:00Z

value	0.10745
scoring_system	epss
scoring_elements	0.93304
published_at	2026-04-01T12:55:00Z

value	0.10745
scoring_system	epss
scoring_elements	0.93312
published_at	2026-04-02T12:55:00Z

value	0.10745
scoring_system	epss
scoring_elements	0.93318
published_at	2026-04-04T12:55:00Z

value	0.10745
scoring_system	epss
scoring_elements	0.93316
published_at	2026-04-07T12:55:00Z

value	0.10745
scoring_system	epss
scoring_elements	0.93325
published_at	2026-04-08T12:55:00Z

value	0.10745
scoring_system	epss
scoring_elements	0.93329
published_at	2026-04-09T12:55:00Z

value	0.10745
scoring_system	epss
scoring_elements	0.93334
published_at	2026-04-11T12:55:00Z

value	0.10745
scoring_system	epss
scoring_elements	0.93332
published_at	2026-04-12T12:55:00Z

value	0.10745
scoring_system	epss
scoring_elements	0.93333
published_at	2026-04-13T12:55:00Z

value	0.10745
scoring_system	epss
scoring_elements	0.93351
published_at	2026-04-16T12:55:00Z

value	0.10745
scoring_system	epss
scoring_elements	0.93356
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3658

reference_url	http://secunia.com/advisories/31982
reference_id
reference_type
scores
url	http://secunia.com/advisories/31982

reference_url	http://secunia.com/advisories/32148
reference_id
reference_type
scores
url	http://secunia.com/advisories/32148

reference_url	http://secunia.com/advisories/32316
reference_id
reference_type
scores
url	http://secunia.com/advisories/32316

reference_url	http://secunia.com/advisories/32746
reference_id
reference_type
scores
url	http://secunia.com/advisories/32746

reference_url	http://secunia.com/advisories/32884
reference_id
reference_type
scores
url	http://secunia.com/advisories/32884

reference_url	http://secunia.com/advisories/33797
reference_id
reference_type
scores
url	http://secunia.com/advisories/33797

reference_url	http://secunia.com/advisories/35074
reference_id
reference_type
scores
url	http://secunia.com/advisories/35074

reference_url	http://secunia.com/advisories/35306
reference_id
reference_type
scores
url	http://secunia.com/advisories/35306

reference_url	http://security.gentoo.org/glsa/glsa-200811-05.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200811-05.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44401
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44401

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9724
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9724

reference_url	http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3549

reference_url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html

reference_url	http://wiki.rpath.com/Advisories:rPSA-2009-0035
reference_id
reference_type
scores
url	http://wiki.rpath.com/Advisories:rPSA-2009-0035

reference_url	http://www.debian.org/security/2008/dsa-1647
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1647

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:021
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:021

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:022
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:022

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:023
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:023

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:024
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:024

reference_url	http://www.openwall.com/lists/oss-security/2008/08/08/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/08/08/2

reference_url	http://www.openwall.com/lists/oss-security/2008/08/13/8
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/08/13/8

reference_url	http://www.php.net/archive/2008.php#id2008-08-07-1
reference_id
reference_type
scores
url	http://www.php.net/archive/2008.php#id2008-08-07-1

reference_url	http://www.redhat.com/support/errata/RHSA-2009-0350.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2009-0350.html

reference_url	http://www.securityfocus.com/archive/1/498647/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/498647/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/501376/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/501376/100/0/threaded

reference_url	http://www.securityfocus.com/bid/30649
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30649

reference_url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html

reference_url	http://www.vupen.com/english/advisories/2008/2336
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2336

reference_url	http://www.vupen.com/english/advisories/2008/3275
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/3275

reference_url	http://www.vupen.com/english/advisories/2009/0320
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/0320

reference_url	http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/1297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=459529
reference_id	459529
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=459529

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:::::::*
reference_id	cpe:2.3:a:php:php:4.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:::::::*
reference_id	cpe:2.3:a:php:php:4.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:::::::*
reference_id	cpe:2.3:a:php:php:4.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:::::::*
reference_id	cpe:2.3:a:php:php:4.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:::::::*
reference_id	cpe:2.3:a:php:php:4.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:::::::*
reference_id	cpe:2.3:a:php:php:4.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:::::::*
reference_id	cpe:2.3:a:php:php:4.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:::::::*
reference_id	cpe:2.3:a:php:php:4.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:::::::*
reference_id	cpe:2.3:a:php:php:4.4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:::::::*
reference_id	cpe:2.3:a:php:php:5.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:::::::*
reference_id	cpe:2.3:a:php:php:5.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:::::::*
reference_id	cpe:2.3:a:php:php:5.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:::::::*
reference_id	cpe:2.3:a:php:php:5.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:::::::*
reference_id	cpe:2.3:a:php:php:5.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:::::::*
reference_id	cpe:2.3:a:php:php:5.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:::::::*
reference_id	cpe:2.3:a:php:php:5.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3658

reference_id

CVE-2008-3658

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3658

reference_url	https://security.gentoo.org/glsa/200811-05
reference_id	GLSA-200811-05
reference_type
scores
url	https://security.gentoo.org/glsa/200811-05

reference_url	https://access.redhat.com/errata/RHSA-2009:0337
reference_id	RHSA-2009:0337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0337

reference_url	https://access.redhat.com/errata/RHSA-2009:0338
reference_id	RHSA-2009:0338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0338

reference_url	https://usn.ubuntu.com/720-1/
reference_id	USN-720-1
reference_type
scores
url	https://usn.ubuntu.com/720-1/

fixed_packages

aliases

CVE-2008-3658

risk_score

3.4

exploitability

0.5

weighted_severity

6.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-21m2-srah-5fcn

url

VCID-4urv-z3q8-gfc3

vulnerability_id

VCID-4urv-z3q8-gfc3

summary

PHP contains several vulnerabilities including buffer and integer overflows
    which could lead to the remote execution of arbitrary code.

references

reference_url	http://bugs.gentoo.org/show_bug.cgi?id=234102
reference_id
reference_type
scores
url	http://bugs.gentoo.org/show_bug.cgi?id=234102

reference_url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html

reference_url	http://marc.info/?l=bugtraq&m=124654546101607&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=124654546101607&w=2

reference_url	http://marc.info/?l=bugtraq&m=125631037611762&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=125631037611762&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3660.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3660.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3660

reference_id

reference_type

scores

value	0.1412
scoring_system	epss
scoring_elements	0.94384
published_at	2026-04-21T12:55:00Z

value	0.1412
scoring_system	epss
scoring_elements	0.94377
published_at	2026-04-16T12:55:00Z

value	0.1412
scoring_system	epss
scoring_elements	0.94382
published_at	2026-04-18T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94745
published_at	2026-04-07T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94754
published_at	2026-04-08T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94731
published_at	2026-04-01T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94762
published_at	2026-04-11T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94766
published_at	2026-04-13T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94758
published_at	2026-04-09T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.9474
published_at	2026-04-02T12:55:00Z

value	0.15974
scoring_system	epss
scoring_elements	0.94744
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3660

reference_url	http://secunia.com/advisories/31982
reference_id
reference_type
scores
url	http://secunia.com/advisories/31982

reference_url	http://secunia.com/advisories/32148
reference_id
reference_type
scores
url	http://secunia.com/advisories/32148

reference_url	http://secunia.com/advisories/32746
reference_id
reference_type
scores
url	http://secunia.com/advisories/32746

reference_url	http://secunia.com/advisories/35074
reference_id
reference_type
scores
url	http://secunia.com/advisories/35074

reference_url	http://secunia.com/advisories/35306
reference_id
reference_type
scores
url	http://secunia.com/advisories/35306

reference_url	http://secunia.com/advisories/35650
reference_id
reference_type
scores
url	http://secunia.com/advisories/35650

reference_url	http://security.gentoo.org/glsa/glsa-200811-05.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200811-05.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44402
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44402

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9597
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9597

reference_url	http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3549

reference_url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html

reference_url	http://wiki.rpath.com/Advisories:rPSA-2009-0035
reference_id
reference_type
scores
url	http://wiki.rpath.com/Advisories:rPSA-2009-0035

reference_url	http://www.debian.org/security/2008/dsa-1647
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1647

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:021
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:021

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:022
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:022

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:023
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:023

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:024
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:024

reference_url	http://www.openwall.com/lists/oss-security/2008/08/08/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/08/08/2

reference_url	http://www.openwall.com/lists/oss-security/2008/08/13/8
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2008/08/13/8

reference_url	http://www.redhat.com/support/errata/RHSA-2009-0350.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2009-0350.html

reference_url	http://www.securityfocus.com/archive/1/501376/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/501376/100/0/threaded

reference_url	http://www.securitytracker.com/id?1020994
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020994

reference_url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html

reference_url	http://www.vupen.com/english/advisories/2008/2336
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2336

reference_url	http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/1297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=459572
reference_id	459572
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=459572

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:::::::*
reference_id	cpe:2.3:a:php:php:4.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:::::::*
reference_id	cpe:2.3:a:php:php:4.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:::::::*
reference_id	cpe:2.3:a:php:php:4.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:::::::*
reference_id	cpe:2.3:a:php:php:4.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:::::::*
reference_id	cpe:2.3:a:php:php:4.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:::::::*
reference_id	cpe:2.3:a:php:php:4.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:::::::*
reference_id	cpe:2.3:a:php:php:4.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:::::::*
reference_id	cpe:2.3:a:php:php:4.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:::::::*
reference_id	cpe:2.3:a:php:php:4.4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:::::::*
reference_id	cpe:2.3:a:php:php:5.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:::::::*
reference_id	cpe:2.3:a:php:php:5.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:::::::*
reference_id	cpe:2.3:a:php:php:5.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:::::::*
reference_id	cpe:2.3:a:php:php:5.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:::::::*
reference_id	cpe:2.3:a:php:php:5.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:::::::*
reference_id	cpe:2.3:a:php:php:5.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:::::::*
reference_id	cpe:2.3:a:php:php:5.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3660

reference_id

CVE-2008-3660

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3660

reference_url	https://security.gentoo.org/glsa/200811-05
reference_id	GLSA-200811-05
reference_type
scores
url	https://security.gentoo.org/glsa/200811-05

reference_url	https://access.redhat.com/errata/RHSA-2009:0337
reference_id	RHSA-2009:0337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0337

reference_url	https://access.redhat.com/errata/RHSA-2009:0338
reference_id	RHSA-2009:0338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0338

reference_url	https://usn.ubuntu.com/720-1/
reference_id	USN-720-1
reference_type
scores
url	https://usn.ubuntu.com/720-1/

fixed_packages

aliases

CVE-2008-3660

risk_score

2.2

exploitability

0.5

weighted_severity

4.5

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-4urv-z3q8-gfc3

url

VCID-saq8-dj13-bfcy

vulnerability_id

VCID-saq8-dj13-bfcy

summary

Multiple vulnerabilities were found in PHP, the worst of which leading to
    the remote execution of arbitrary code.

references

reference_url	http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1360&r2=1.2027.2.547.2.1361&diff_format=u
reference_id
reference_type
scores
url	http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1360&r2=1.2027.2.547.2.1361&diff_format=u

reference_url	http://downloads.securityfocus.com/vulnerabilities/exploits/33002-2.php
reference_id
reference_type
scores
url	http://downloads.securityfocus.com/vulnerabilities/exploits/33002-2.php

reference_url	http://downloads.securityfocus.com/vulnerabilities/exploits/33002.php
reference_id
reference_type
scores
url	http://downloads.securityfocus.com/vulnerabilities/exploits/33002.php

reference_url	http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

reference_url	http://marc.info/?l=bugtraq&m=124654546101607&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=124654546101607&w=2

reference_url	http://marc.info/?l=bugtraq&m=125631037611762&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=125631037611762&w=2

reference_url	http://osvdb.org/51031
reference_id
reference_type
scores
url	http://osvdb.org/51031

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5498.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5498.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-5498

reference_id

reference_type

scores

value	0.10269
scoring_system	epss
scoring_elements	0.9319
published_at	2026-04-21T12:55:00Z

value	0.10269
scoring_system	epss
scoring_elements	0.93132
published_at	2026-04-01T12:55:00Z

value	0.10269
scoring_system	epss
scoring_elements	0.93141
published_at	2026-04-02T12:55:00Z

value	0.10269
scoring_system	epss
scoring_elements	0.93145
published_at	2026-04-04T12:55:00Z

value	0.10269
scoring_system	epss
scoring_elements	0.93144
published_at	2026-04-07T12:55:00Z

value	0.10269
scoring_system	epss
scoring_elements	0.93152
published_at	2026-04-08T12:55:00Z

value	0.10269
scoring_system	epss
scoring_elements	0.93157
published_at	2026-04-09T12:55:00Z

value	0.10269
scoring_system	epss
scoring_elements	0.93162
published_at	2026-04-11T12:55:00Z

value	0.10269
scoring_system	epss
scoring_elements	0.93159
published_at	2026-04-12T12:55:00Z

value	0.10269
scoring_system	epss
scoring_elements	0.93161
published_at	2026-04-13T12:55:00Z

value	0.10269
scoring_system	epss
scoring_elements	0.93177
published_at	2026-04-16T12:55:00Z

value	0.10269
scoring_system	epss
scoring_elements	0.93182
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5498

reference_url	http://secunia.com/advisories/34642
reference_id
reference_type
scores
url	http://secunia.com/advisories/34642

reference_url	http://secunia.com/advisories/35306
reference_id
reference_type
scores
url	http://secunia.com/advisories/35306

reference_url	http://secunia.com/advisories/35650
reference_id
reference_type
scores
url	http://secunia.com/advisories/35650

reference_url	http://secunia.com/advisories/36701
reference_id
reference_type
scores
url	http://secunia.com/advisories/36701

reference_url	http://securitytracker.com/id?1021494
reference_id
reference_type
scores
url	http://securitytracker.com/id?1021494

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/47635
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/47635

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9667
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9667

reference_url	http://support.apple.com/kb/HT3865
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3865

reference_url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:021
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:021

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:022
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:022

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:023
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:023

reference_url	http://www.php.net/releases/5_2_9.php
reference_id
reference_type
scores
url	http://www.php.net/releases/5_2_9.php

reference_url	http://www.redhat.com/support/errata/RHSA-2009-0350.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2009-0350.html

reference_url	http://www.securityfocus.com/bid/33002
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/33002

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=478425
reference_id	478425
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=478425

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5:::::::*
reference_id	cpe:2.3:a:php:php:5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:::::::*
reference_id	cpe:2.3:a:php:php:5.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta1::::::
reference_id	cpe:2.3:a:php:php:5.0.0:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta2::::::
reference_id	cpe:2.3:a:php:php:5.0.0:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta3::::::
reference_id	cpe:2.3:a:php:php:5.0.0:beta3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta4::::::
reference_id	cpe:2.3:a:php:php:5.0.0:beta4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:rc1::::::
reference_id	cpe:2.3:a:php:php:5.0.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:rc2::::::
reference_id	cpe:2.3:a:php:php:5.0.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:rc3::::::
reference_id	cpe:2.3:a:php:php:5.0.0:rc3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:rc3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.1:::::::*
reference_id	cpe:2.3:a:php:php:5.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.2:::::::*
reference_id	cpe:2.3:a:php:php:5.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.3:::::::*
reference_id	cpe:2.3:a:php:php:5.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.4:::::::*
reference_id	cpe:2.3:a:php:php:5.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.5:::::::*
reference_id	cpe:2.3:a:php:php:5.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc1::::::
reference_id	cpe:2.3:a:php:php:5.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc2::::::
reference_id	cpe:2.3:a:php:php:5.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc3::::::
reference_id	cpe:2.3:a:php:php:5.0:rc3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0:rc3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.0:::::::*
reference_id	cpe:2.3:a:php:php:5.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.1:::::::*
reference_id	cpe:2.3:a:php:php:5.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.2:::::::*
reference_id	cpe:2.3:a:php:php:5.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.3:::::::*
reference_id	cpe:2.3:a:php:php:5.1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.4:::::::*
reference_id	cpe:2.3:a:php:php:5.1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.5:::::::*
reference_id	cpe:2.3:a:php:php:5.1.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.6:::::::*
reference_id	cpe:2.3:a:php:php:5.1.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:::::::*
reference_id	cpe:2.3:a:php:php:5.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:::::::*
reference_id	cpe:2.3:a:php:php:5.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:::::::*
reference_id	cpe:2.3:a:php:php:5.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:::::::*
reference_id	cpe:2.3:a:php:php:5.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:::::::*
reference_id	cpe:2.3:a:php:php:5.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:::::::*
reference_id	cpe:2.3:a:php:php:5.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:::::::*
reference_id	cpe:2.3:a:php:php:5.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.7:::::::*
reference_id	cpe:2.3:a:php:php:5.2.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-5498

reference_id

CVE-2008-5498

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2008-5498

reference_url	https://security.gentoo.org/glsa/201001-03
reference_id	GLSA-201001-03
reference_type
scores
url	https://security.gentoo.org/glsa/201001-03

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/7646.txt
reference_id	OSVDB-51031;CVE-2008-5498
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/7646.txt

reference_url	https://access.redhat.com/errata/RHSA-2009:0337
reference_id	RHSA-2009:0337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0337

reference_url	https://access.redhat.com/errata/RHSA-2009:0338
reference_id	RHSA-2009:0338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0338

fixed_packages

aliases

CVE-2008-5498

risk_score

9.0

exploitability

2.0

weighted_severity

4.5

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-saq8-dj13-bfcy

url

VCID-suxh-3hb2-wbex

vulnerability_id

VCID-suxh-3hb2-wbex

summary

Multiple vulnerabilities were found in PHP, the worst of which leading to
    the remote execution of arbitrary code.

references

reference_url	http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0477.html
reference_id
reference_type
scores
url	http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0477.html

reference_url	http://bugs.php.net/bug.php?id=45722
reference_id
reference_type
scores
url	http://bugs.php.net/bug.php?id=45722

reference_url	http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/libmbfl/filters/mbfilter_htmlent.c?r1=1.7&r2=1.8
reference_id
reference_type
scores
url	http://cvs.php.net/viewvc.cgi/php-src/ext/mbstring/libmbfl/filters/mbfilter_htmlent.c?r1=1.7&r2=1.8

reference_url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444
reference_id
reference_type
scores
url	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444

reference_url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

reference_url	http://marc.info/?l=bugtraq&m=124654546101607&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=124654546101607&w=2

reference_url	http://marc.info/?l=bugtraq&m=125631037611762&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=125631037611762&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5557.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5557.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-5557

reference_id

reference_type

scores

value	0.29698
scoring_system	epss
scoring_elements	0.96639
published_at	2026-04-21T12:55:00Z

value	0.29698
scoring_system	epss
scoring_elements	0.96591
published_at	2026-04-01T12:55:00Z

value	0.29698
scoring_system	epss
scoring_elements	0.966
published_at	2026-04-02T12:55:00Z

value	0.29698
scoring_system	epss
scoring_elements	0.96605
published_at	2026-04-04T12:55:00Z

value	0.29698
scoring_system	epss
scoring_elements	0.96608
published_at	2026-04-07T12:55:00Z

value	0.29698
scoring_system	epss
scoring_elements	0.96616
published_at	2026-04-08T12:55:00Z

value	0.29698
scoring_system	epss
scoring_elements	0.96618
published_at	2026-04-09T12:55:00Z

value	0.29698
scoring_system	epss
scoring_elements	0.9662
published_at	2026-04-11T12:55:00Z

value	0.29698
scoring_system	epss
scoring_elements	0.96621
published_at	2026-04-12T12:55:00Z

value	0.29698
scoring_system	epss
scoring_elements	0.96624
published_at	2026-04-13T12:55:00Z

value	0.29698
scoring_system	epss
scoring_elements	0.9663
published_at	2026-04-16T12:55:00Z

value	0.29698
scoring_system	epss
scoring_elements	0.96635
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5557

reference_url	http://secunia.com/advisories/34642
reference_id
reference_type
scores
url	http://secunia.com/advisories/34642

reference_url	http://secunia.com/advisories/35003
reference_id
reference_type
scores
url	http://secunia.com/advisories/35003

reference_url	http://secunia.com/advisories/35074
reference_id
reference_type
scores
url	http://secunia.com/advisories/35074

reference_url	http://secunia.com/advisories/35306
reference_id
reference_type
scores
url	http://secunia.com/advisories/35306

reference_url	http://secunia.com/advisories/35650
reference_id
reference_type
scores
url	http://secunia.com/advisories/35650

reference_url	http://securitytracker.com/id?1021482
reference_id
reference_type
scores
url	http://securitytracker.com/id?1021482

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/47525
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/47525

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10286
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10286

reference_url	http://support.apple.com/kb/HT3549
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3549

reference_url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html

reference_url	http://wiki.rpath.com/Advisories:rPSA-2009-0035
reference_id
reference_type
scores
url	http://wiki.rpath.com/Advisories:rPSA-2009-0035

reference_url	http://www.debian.org/security/2009/dsa-1789
reference_id
reference_type
scores
url	http://www.debian.org/security/2009/dsa-1789

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:045
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:045

reference_url	http://www.php.net/ChangeLog-5.php#5.2.7
reference_id
reference_type
scores
url	http://www.php.net/ChangeLog-5.php#5.2.7

reference_url	http://www.redhat.com/support/errata/RHSA-2009-0350.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2009-0350.html

reference_url	http://www.securityfocus.com/archive/1/501376/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/501376/100/0/threaded

reference_url	http://www.securityfocus.com/bid/32948
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/32948

reference_url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html
reference_id
reference_type
scores
url	http://www.us-cert.gov/cas/techalerts/TA09-133A.html

reference_url	http://www.vupen.com/english/advisories/2009/1297
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2009/1297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=478848
reference_id	478848
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=478848

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.0:::::::*
reference_id	cpe:2.3:a:php:php:4.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.1:::::::*
reference_id	cpe:2.3:a:php:php:4.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.10:::::::*
reference_id	cpe:2.3:a:php:php:4.3.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.11:::::::*
reference_id	cpe:2.3:a:php:php:4.3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.2:::::::*
reference_id	cpe:2.3:a:php:php:4.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.3:::::::*
reference_id	cpe:2.3:a:php:php:4.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.4:::::::*
reference_id	cpe:2.3:a:php:php:4.3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.5:::::::*
reference_id	cpe:2.3:a:php:php:4.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.6:::::::*
reference_id	cpe:2.3:a:php:php:4.3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.7:::::::*
reference_id	cpe:2.3:a:php:php:4.3.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.8:::::::*
reference_id	cpe:2.3:a:php:php:4.3.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.9:::::::*
reference_id	cpe:2.3:a:php:php:4.3.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.3.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:::::::*
reference_id	cpe:2.3:a:php:php:4.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:::::::*
reference_id	cpe:2.3:a:php:php:4.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:::::::*
reference_id	cpe:2.3:a:php:php:4.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:::::::*
reference_id	cpe:2.3:a:php:php:4.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:::::::*
reference_id	cpe:2.3:a:php:php:4.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:::::::*
reference_id	cpe:2.3:a:php:php:4.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:::::::*
reference_id	cpe:2.3:a:php:php:4.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:::::::*
reference_id	cpe:2.3:a:php:php:4.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:::::::*
reference_id	cpe:2.3:a:php:php:4.4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.9:::::::*
reference_id	cpe:2.3:a:php:php:4.4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:::::::*
reference_id	cpe:2.3:a:php:php:5.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta1::::::
reference_id	cpe:2.3:a:php:php:5.0.0:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta2::::::
reference_id	cpe:2.3:a:php:php:5.0.0:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta3::::::
reference_id	cpe:2.3:a:php:php:5.0.0:beta3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta4::::::
reference_id	cpe:2.3:a:php:php:5.0.0:beta4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:beta4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:rc1::::::
reference_id	cpe:2.3:a:php:php:5.0.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:rc2::::::
reference_id	cpe:2.3:a:php:php:5.0.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:rc3::::::
reference_id	cpe:2.3:a:php:php:5.0.0:rc3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.0:rc3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.1:::::::*
reference_id	cpe:2.3:a:php:php:5.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.2:::::::*
reference_id	cpe:2.3:a:php:php:5.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.3:::::::*
reference_id	cpe:2.3:a:php:php:5.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.4:::::::*
reference_id	cpe:2.3:a:php:php:5.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.5:::::::*
reference_id	cpe:2.3:a:php:php:5.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.0:::::::*
reference_id	cpe:2.3:a:php:php:5.1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.1:::::::*
reference_id	cpe:2.3:a:php:php:5.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.2:::::::*
reference_id	cpe:2.3:a:php:php:5.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.3:::::::*
reference_id	cpe:2.3:a:php:php:5.1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.4:::::::*
reference_id	cpe:2.3:a:php:php:5.1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.5:::::::*
reference_id	cpe:2.3:a:php:php:5.1.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.6:::::::*
reference_id	cpe:2.3:a:php:php:5.1.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:::::::*
reference_id	cpe:2.3:a:php:php:5.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:::::::*
reference_id	cpe:2.3:a:php:php:5.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:::::::*
reference_id	cpe:2.3:a:php:php:5.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:::::::*
reference_id	cpe:2.3:a:php:php:5.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:::::::*
reference_id	cpe:2.3:a:php:php:5.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:::::::*
reference_id	cpe:2.3:a:php:php:5.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:::::::*
reference_id	cpe:2.3:a:php:php:5.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.2.6:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-5557

reference_id

CVE-2008-5557

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2008-5557

reference_url	https://security.gentoo.org/glsa/201001-03
reference_id	GLSA-201001-03
reference_type
scores
url	https://security.gentoo.org/glsa/201001-03

reference_url	https://access.redhat.com/errata/RHSA-2009:0337
reference_id	RHSA-2009:0337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0337

reference_url	https://access.redhat.com/errata/RHSA-2009:0338
reference_id	RHSA-2009:0338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0338

reference_url	https://usn.ubuntu.com/720-1/
reference_id	USN-720-1
reference_type
scores
url	https://usn.ubuntu.com/720-1/

fixed_packages

aliases

CVE-2008-5557

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-suxh-3hb2-wbex

url

VCID-uvv4-prbj-eqf8

vulnerability_id

VCID-uvv4-prbj-eqf8

summary

Multiple vulnerabilities were found in PHP, the worst of which leading to
    the remote execution of arbitrary code.

references

reference_url	http://bugs.php.net/bug.php?id=27421
reference_id
reference_type
scores
url	http://bugs.php.net/bug.php?id=27421

reference_url	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0754.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0754.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-0754

reference_id

reference_type

scores

value	0.00158
scoring_system	epss
scoring_elements	0.36554
published_at	2026-04-21T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36525
published_at	2026-04-01T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36697
published_at	2026-04-02T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36729
published_at	2026-04-04T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36567
published_at	2026-04-07T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36618
published_at	2026-04-08T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36637
published_at	2026-04-09T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36645
published_at	2026-04-11T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.3661
published_at	2026-04-12T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36586
published_at	2026-04-13T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36632
published_at	2026-04-16T12:55:00Z

value	0.00158
scoring_system	epss
scoring_elements	0.36614
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-0754

reference_url	http://secunia.com/advisories/34642
reference_id
reference_type
scores
url	http://secunia.com/advisories/34642

reference_url	http://secunia.com/advisories/34830
reference_id
reference_type
scores
url	http://secunia.com/advisories/34830

reference_url	http://secunia.com/advisories/35003
reference_id
reference_type
scores
url	http://secunia.com/advisories/35003

reference_url	http://secunia.com/advisories/35007
reference_id
reference_type
scores
url	http://secunia.com/advisories/35007

reference_url	http://secunia.com/advisories/35306
reference_id
reference_type
scores
url	http://secunia.com/advisories/35306

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11035
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11035

reference_url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01451.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01465.html

reference_url	http://www.debian.org/security/2009/dsa-1789
reference_id
reference_type
scores
url	http://www.debian.org/security/2009/dsa-1789

reference_url	http://www.openwall.com/lists/oss-security/2009/01/30/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2009/01/30/1

reference_url	http://www.openwall.com/lists/oss-security/2009/02/03/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2009/02/03/3

reference_url	http://www.openwall.com/lists/oss-security/2009/02/25/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2009/02/25/3

reference_url	http://www.redhat.com/support/errata/RHSA-2009-0350.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2009-0350.html

reference_url	http://www.securitytracker.com/id?1021979
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1021979

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=479272
reference_id	479272
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=479272

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apache::::::::
reference_id	cpe:2.3:a:apache:apache::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:apache::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:::::::*
reference_id	cpe:2.3:a:php:php:4.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:4.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.6:::::::*
reference_id	cpe:2.3:a:php:php:5.1.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.1.6:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2009-0754

reference_id

CVE-2009-0754

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2009-0754

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/32769.php
reference_id	CVE-2009-0754;OSVDB-53574
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/32769.php

reference_url	https://www.securityfocus.com/bid/33542/info
reference_id	CVE-2009-0754;OSVDB-53574
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/33542/info

reference_url	https://security.gentoo.org/glsa/201001-03
reference_id	GLSA-201001-03
reference_type
scores
url	https://security.gentoo.org/glsa/201001-03

reference_url	https://access.redhat.com/errata/RHSA-2009:0337
reference_id	RHSA-2009:0337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0337

reference_url	https://access.redhat.com/errata/RHSA-2009:0338
reference_id	RHSA-2009:0338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:0338

reference_url	https://usn.ubuntu.com/761-1/
reference_id	USN-761-1
reference_type
scores
url	https://usn.ubuntu.com/761-1/

fixed_packages

aliases

CVE-2009-0754

risk_score

3.8

exploitability

2.0

weighted_severity

1.9

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-uvv4-prbj-eqf8

Fixing_vulnerabilities

Risk_score 9.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@4.3.9-3.22%3Farch=15

Package Instance