Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/392443?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/392443?format=api", "purl": "pkg:apk/alpine/php82@8.2.28-r0?arch=s390x&distroversion=v3.21&reponame=community", "type": "apk", "namespace": "alpine", "name": "php82", "version": "8.2.28-r0", "qualifiers": { "arch": "s390x", "distroversion": "v3.21", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70597?format=api", "vulnerability_id": "VCID-bf18-3zx5-f7gr", "summary": "php: Header parser of http stream wrapper does not handle folded headers", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2253", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22487", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27005", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27097", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27053", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2698", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27049", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27094", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1217" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355917", "reference_id": "2355917", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355917" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g", "reference_id": "GHSA-v8xr-gpvj-cx9g", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/R:A" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T13:23:16Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-v8xr-gpvj-cx9g" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7418", "reference_id": "RHSA-2025:7418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7431", "reference_id": "RHSA-2025:7431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7489", "reference_id": "RHSA-2025:7489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7400-1/", "reference_id": "USN-7400-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7400-1/" }, { "reference_url": "https://usn.ubuntu.com/7645-1/", "reference_id": "USN-7645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7645-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392443?format=api", "purl": "pkg:apk/alpine/php82@8.2.28-r0?arch=s390x&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.28-r0%3Farch=s390x&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2025-1217" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bf18-3zx5-f7gr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70593?format=api", "vulnerability_id": "VCID-nrnn-pgxj-xugg", "summary": "php: Stream HTTP wrapper truncates redirect location to 1024 bytes", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1861.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1861.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00705", "scoring_system": "epss", "scoring_elements": "0.72086", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00705", "scoring_system": "epss", "scoring_elements": "0.72065", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76197", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76182", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76158", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76155", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76111", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76144", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76157", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1861" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356046", "reference_id": "2356046", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356046" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff", "reference_id": "GHSA-52jp-hrpf-2jff", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-31T12:55:53Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-52jp-hrpf-2jff" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7418", "reference_id": "RHSA-2025:7418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7431", "reference_id": "RHSA-2025:7431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7489", "reference_id": "RHSA-2025:7489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7400-1/", "reference_id": "USN-7400-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7400-1/" }, { "reference_url": "https://usn.ubuntu.com/7645-1/", "reference_id": "USN-7645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7645-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392443?format=api", "purl": "pkg:apk/alpine/php82@8.2.28-r0?arch=s390x&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.28-r0%3Farch=s390x&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2025-1861" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nrnn-pgxj-xugg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70594?format=api", "vulnerability_id": "VCID-qyx5-b321-2udm", "summary": "php: Stream HTTP wrapper header check might omit basic auth header", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1736.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1736.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1736", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00486", "scoring_system": "epss", "scoring_elements": "0.65377", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00486", "scoring_system": "epss", "scoring_elements": "0.65351", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70731", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70718", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70701", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70686", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70633", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70679", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70695", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1736" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1736" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356041", "reference_id": "2356041", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356041" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528", "reference_id": "GHSA-hgf5-96fm-v528", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T12:57:12Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-hgf5-96fm-v528" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7418", "reference_id": "RHSA-2025:7418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7431", "reference_id": "RHSA-2025:7431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7489", "reference_id": "RHSA-2025:7489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7400-1/", "reference_id": "USN-7400-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7400-1/" }, { "reference_url": "https://usn.ubuntu.com/7645-1/", "reference_id": "USN-7645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7645-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392443?format=api", "purl": "pkg:apk/alpine/php82@8.2.28-r0?arch=s390x&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.28-r0%3Farch=s390x&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2025-1736" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qyx5-b321-2udm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70596?format=api", "vulnerability_id": "VCID-t862-kese-z7ae", "summary": "php: libxml streams use wrong content-type header when requesting a redirected resource", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1219.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1219.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20744", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2057", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20677", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20635", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20583", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20803", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20522", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20598", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20657", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1219" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356043", "reference_id": "2356043", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356043" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc", "reference_id": "GHSA-p3x9-6h7p-cgfc", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T13:10:21Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-p3x9-6h7p-cgfc" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7418", "reference_id": "RHSA-2025:7418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7431", "reference_id": "RHSA-2025:7431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7489", "reference_id": "RHSA-2025:7489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7400-1/", "reference_id": "USN-7400-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7400-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392443?format=api", "purl": "pkg:apk/alpine/php82@8.2.28-r0?arch=s390x&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.28-r0%3Farch=s390x&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2025-1219" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t862-kese-z7ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70595?format=api", "vulnerability_id": "VCID-uqrh-9nue-rqgx", "summary": "php: Streams HTTP wrapper does not fail for headers with invalid name and no colon", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1734.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1734.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1734", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59546", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59618", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59622", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59605", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59585", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59571", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.5954", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59591", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59603", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1734" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1734", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1734" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356042", "reference_id": "2356042", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2356042" }, { "reference_url": "https://github.com/php/php-src/security/advisories/GHSA-pcmh-g36c-qc44", "reference_id": "GHSA-pcmh-g36c-qc44", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-31T14:21:51Z/" } ], "url": "https://github.com/php/php-src/security/advisories/GHSA-pcmh-g36c-qc44" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15687", "reference_id": "RHSA-2025:15687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4263", "reference_id": "RHSA-2025:4263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7418", "reference_id": "RHSA-2025:7418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7431", "reference_id": "RHSA-2025:7431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7432", "reference_id": "RHSA-2025:7432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7489", "reference_id": "RHSA-2025:7489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2470", "reference_id": "RHSA-2026:2470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2470" }, { "reference_url": "https://usn.ubuntu.com/7400-1/", "reference_id": "USN-7400-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7400-1/" }, { "reference_url": "https://usn.ubuntu.com/7645-1/", "reference_id": "USN-7645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7645-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/392443?format=api", "purl": "pkg:apk/alpine/php82@8.2.28-r0?arch=s390x&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.28-r0%3Farch=s390x&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2025-1734" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uqrh-9nue-rqgx" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php82@8.2.28-r0%3Farch=s390x&distroversion=v3.21&reponame=community" }