Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community

Type apk

Namespace alpine

Name php7

Version 7.1.29-r0

Qualifiers

arch	x86_64
distroversion	v3.7
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 7.1.30-r0

Latest_non_vulnerable_version 7.1.33-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1ap1-zugk-gbas

vulnerability_id VCID-1ap1-zugk-gbas

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9639.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9639.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9639

reference_id

reference_type

scores

value	0.14536
scoring_system	epss
scoring_elements	0.9442
published_at	2026-04-01T12:55:00Z

value	0.14536
scoring_system	epss
scoring_elements	0.94476
published_at	2026-04-18T12:55:00Z

value	0.14536
scoring_system	epss
scoring_elements	0.94456
published_at	2026-04-11T12:55:00Z

value	0.14536
scoring_system	epss
scoring_elements	0.94458
published_at	2026-04-13T12:55:00Z

value	0.14536
scoring_system	epss
scoring_elements	0.94472
published_at	2026-04-16T12:55:00Z

value	0.14536
scoring_system	epss
scoring_elements	0.94427
published_at	2026-04-02T12:55:00Z

value	0.14536
scoring_system	epss
scoring_elements	0.94438
published_at	2026-04-04T12:55:00Z

value	0.14536
scoring_system	epss
scoring_elements	0.9444
published_at	2026-04-07T12:55:00Z

value	0.14536
scoring_system	epss
scoring_elements	0.9445
published_at	2026-04-08T12:55:00Z

value	0.14536
scoring_system	epss
scoring_elements	0.94453
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9639

reference_url	https://bugs.php.net/bug.php?id=77659
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=77659

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html

reference_url	https://security.netapp.com/advisory/ntap-20190502-0007/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190502-0007/

reference_url	https://www.debian.org/security/2019/dsa-4403
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4403

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1688934
reference_id	1688934
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1688934

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_id	cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_id	cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9639

reference_id

CVE-2019-9639

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9639

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

reference_url	https://access.redhat.com/errata/RHSA-2019:3299
reference_id	RHSA-2019:3299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3299

reference_url	https://access.redhat.com/errata/RHSA-2020:1624
reference_id	RHSA-2020:1624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1624

reference_url	https://usn.ubuntu.com/3922-1/
reference_id	USN-3922-1
reference_type
scores
url	https://usn.ubuntu.com/3922-1/

reference_url	https://usn.ubuntu.com/3922-2/
reference_id	USN-3922-2
reference_type
scores
url	https://usn.ubuntu.com/3922-2/

reference_url	https://usn.ubuntu.com/3922-3/
reference_id	USN-3922-3
reference_type
scores
url	https://usn.ubuntu.com/3922-3/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2019-9639

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1ap1-zugk-gbas

url VCID-2frx-71st-5qar

vulnerability_id VCID-2frx-71st-5qar

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9638.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9638.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9638

reference_id

reference_type

scores

value	0.15914
scoring_system	epss
scoring_elements	0.94722
published_at	2026-04-01T12:55:00Z

value	0.15914
scoring_system	epss
scoring_elements	0.94769
published_at	2026-04-18T12:55:00Z

value	0.15914
scoring_system	epss
scoring_elements	0.94754
published_at	2026-04-11T12:55:00Z

value	0.15914
scoring_system	epss
scoring_elements	0.94758
published_at	2026-04-13T12:55:00Z

value	0.15914
scoring_system	epss
scoring_elements	0.94767
published_at	2026-04-16T12:55:00Z

value	0.15914
scoring_system	epss
scoring_elements	0.94731
published_at	2026-04-02T12:55:00Z

value	0.15914
scoring_system	epss
scoring_elements	0.94735
published_at	2026-04-04T12:55:00Z

value	0.15914
scoring_system	epss
scoring_elements	0.94736
published_at	2026-04-07T12:55:00Z

value	0.15914
scoring_system	epss
scoring_elements	0.94745
published_at	2026-04-08T12:55:00Z

value	0.15914
scoring_system	epss
scoring_elements	0.9475
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9638

reference_url	https://bugs.php.net/bug.php?id=77563
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=77563

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html

reference_url	https://security.netapp.com/advisory/ntap-20190502-0007/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190502-0007/

reference_url	https://www.debian.org/security/2019/dsa-4403
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4403

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1688922
reference_id	1688922
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1688922

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_id	cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_id	cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9638

reference_id

CVE-2019-9638

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9638

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

reference_url	https://access.redhat.com/errata/RHSA-2019:3299
reference_id	RHSA-2019:3299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3299

reference_url	https://access.redhat.com/errata/RHSA-2020:1624
reference_id	RHSA-2020:1624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1624

reference_url	https://usn.ubuntu.com/3922-1/
reference_id	USN-3922-1
reference_type
scores
url	https://usn.ubuntu.com/3922-1/

reference_url	https://usn.ubuntu.com/3922-2/
reference_id	USN-3922-2
reference_type
scores
url	https://usn.ubuntu.com/3922-2/

reference_url	https://usn.ubuntu.com/3922-3/
reference_id	USN-3922-3
reference_type
scores
url	https://usn.ubuntu.com/3922-3/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2019-9638

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2frx-71st-5qar

url VCID-4gxr-wh6g-bbbe

vulnerability_id VCID-4gxr-wh6g-bbbe

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html

reference_url	http://php.net/ChangeLog-5.php
reference_id
reference_type
scores
url	http://php.net/ChangeLog-5.php

reference_url	http://php.net/ChangeLog-7.php
reference_id
reference_type
scores
url	http://php.net/ChangeLog-7.php

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20783.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20783.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20783

reference_id

reference_type

scores

value	0.05101
scoring_system	epss
scoring_elements	0.89843
published_at	2026-04-18T12:55:00Z

value	0.05101
scoring_system	epss
scoring_elements	0.89829
published_at	2026-04-13T12:55:00Z

value	0.06535
scoring_system	epss
scoring_elements	0.91124
published_at	2026-04-12T12:55:00Z

value	0.06535
scoring_system	epss
scoring_elements	0.91074
published_at	2026-04-01T12:55:00Z

value	0.06535
scoring_system	epss
scoring_elements	0.91079
published_at	2026-04-02T12:55:00Z

value	0.06535
scoring_system	epss
scoring_elements	0.91088
published_at	2026-04-04T12:55:00Z

value	0.06535
scoring_system	epss
scoring_elements	0.91096
published_at	2026-04-07T12:55:00Z

value	0.06535
scoring_system	epss
scoring_elements	0.91109
published_at	2026-04-08T12:55:00Z

value	0.06535
scoring_system	epss
scoring_elements	0.91115
published_at	2026-04-09T12:55:00Z

value	0.06535
scoring_system	epss
scoring_elements	0.91122
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20783

reference_url	https://bugs.php.net/bug.php?id=77143
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=77143

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1680545
reference_id	1680545
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1680545

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-20783

reference_id

CVE-2018-20783

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2018-20783

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

reference_url	https://access.redhat.com/errata/RHSA-2019:3299
reference_id	RHSA-2019:3299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3299

reference_url	https://access.redhat.com/errata/RHSA-2020:1624
reference_id	RHSA-2020:1624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1624

reference_url	https://usn.ubuntu.com/3566-2/
reference_id	USN-3566-2
reference_type
scores
url	https://usn.ubuntu.com/3566-2/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2018-20783

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4gxr-wh6g-bbbe

url VCID-4qq9-cj2b-dkbh

vulnerability_id VCID-4qq9-cj2b-dkbh

summary php: Serializing or unserializing COM objects crashes

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19396.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19396.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19396

reference_id

reference_type

scores

value	0.01915
scoring_system	epss
scoring_elements	0.8324
published_at	2026-04-01T12:55:00Z

value	0.01915
scoring_system	epss
scoring_elements	0.83257
published_at	2026-04-02T12:55:00Z

value	0.01915
scoring_system	epss
scoring_elements	0.83271
published_at	2026-04-04T12:55:00Z

value	0.01915
scoring_system	epss
scoring_elements	0.8327
published_at	2026-04-07T12:55:00Z

value	0.01915
scoring_system	epss
scoring_elements	0.83294
published_at	2026-04-08T12:55:00Z

value	0.01915
scoring_system	epss
scoring_elements	0.83304
published_at	2026-04-09T12:55:00Z

value	0.01915
scoring_system	epss
scoring_elements	0.83319
published_at	2026-04-11T12:55:00Z

value	0.01915
scoring_system	epss
scoring_elements	0.83313
published_at	2026-04-12T12:55:00Z

value	0.01915
scoring_system	epss
scoring_elements	0.83309
published_at	2026-04-13T12:55:00Z

value	0.01915
scoring_system	epss
scoring_elements	0.83344
published_at	2026-04-16T12:55:00Z

value	0.01915
scoring_system	epss
scoring_elements	0.83345
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19396

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1652716
reference_id	1652716
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1652716

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2018-19396

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qq9-cj2b-dkbh

url VCID-6xda-97rd-9bam

vulnerability_id VCID-6xda-97rd-9bam

summary

Multiple vulnerabilities have been found in GD, the worst of which
    could result in the remote execution of arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html

reference_url	http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html

reference_url	http://php.net/ChangeLog-5.php
reference_id
reference_type
scores
url	http://php.net/ChangeLog-5.php

reference_url	http://php.net/ChangeLog-7.php
reference_id
reference_type
scores
url	http://php.net/ChangeLog-7.php

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6977.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6977.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6977

reference_id

reference_type

scores

value	0.863
scoring_system	epss
scoring_elements	0.99399
published_at	2026-04-02T12:55:00Z

value	0.863
scoring_system	epss
scoring_elements	0.99407
published_at	2026-04-18T12:55:00Z

value	0.863
scoring_system	epss
scoring_elements	0.99403
published_at	2026-04-09T12:55:00Z

value	0.863
scoring_system	epss
scoring_elements	0.99404
published_at	2026-04-11T12:55:00Z

value	0.863
scoring_system	epss
scoring_elements	0.99405
published_at	2026-04-13T12:55:00Z

value	0.863
scoring_system	epss
scoring_elements	0.99408
published_at	2026-04-16T12:55:00Z

value	0.863
scoring_system	epss
scoring_elements	0.994
published_at	2026-04-04T12:55:00Z

value	0.863
scoring_system	epss
scoring_elements	0.99402
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6977

reference_url	https://bugs.php.net/bug.php?id=77270
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=77270

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/

reference_url	https://security.netapp.com/advisory/ntap-20190315-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190315-0003/

reference_url	https://www.debian.org/security/2019/dsa-4384
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4384

reference_url	https://www.exploit-db.com/exploits/46677/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/46677/

reference_url	http://www.securityfocus.com/bid/106731
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/106731

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1672207
reference_id	1672207
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1672207

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920645
reference_id	920645
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920645

reference_url

https://security.archlinux.org/AVG-865

reference_id

AVG-865

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-865

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgd:libgd:2.2.5:::::::*
reference_id	cpe:2.3:a:libgd:libgd:2.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgd:libgd:2.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store::::::::
reference_id	cpe:2.3:a:netapp:storage_automation_store::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.3.0:::::::*
reference_id	cpe:2.3:a:php:php:7.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://github.com/cfreal/exploits/blob/1a671d1d8510e93a0b2607261e9b779562585fe2/CVE-2019-6977-imagecolormatch/exploit.php
reference_id	CVE-2019-6977
reference_type	exploit
scores
url	https://github.com/cfreal/exploits/blob/1a671d1d8510e93a0b2607261e9b779562585fe2/CVE-2019-6977-imagecolormatch/exploit.php

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/46677.php
reference_id	CVE-2019-6977
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/46677.php

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-6977

reference_id

CVE-2019-6977

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-6977

reference_url	https://security.gentoo.org/glsa/201903-18
reference_id	GLSA-201903-18
reference_type
scores
url	https://security.gentoo.org/glsa/201903-18

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

reference_url	https://access.redhat.com/errata/RHSA-2019:3299
reference_id	RHSA-2019:3299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3299

reference_url	https://access.redhat.com/errata/RHSA-2020:4659
reference_id	RHSA-2020:4659
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4659

reference_url	https://usn.ubuntu.com/3900-1/
reference_id	USN-3900-1
reference_type
scores
url	https://usn.ubuntu.com/3900-1/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2019-6977

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6xda-97rd-9bam

url VCID-7agg-jfnb-t7c9

vulnerability_id VCID-7agg-jfnb-t7c9

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14883.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14883.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14883

reference_id

reference_type

scores

value	0.20292
scoring_system	epss
scoring_elements	0.95483
published_at	2026-04-01T12:55:00Z

value	0.20292
scoring_system	epss
scoring_elements	0.95492
published_at	2026-04-02T12:55:00Z

value	0.20292
scoring_system	epss
scoring_elements	0.95498
published_at	2026-04-04T12:55:00Z

value	0.20292
scoring_system	epss
scoring_elements	0.95502
published_at	2026-04-07T12:55:00Z

value	0.20292
scoring_system	epss
scoring_elements	0.95509
published_at	2026-04-08T12:55:00Z

value	0.20292
scoring_system	epss
scoring_elements	0.95512
published_at	2026-04-09T12:55:00Z

value	0.20292
scoring_system	epss
scoring_elements	0.95516
published_at	2026-04-11T12:55:00Z

value	0.20292
scoring_system	epss
scoring_elements	0.95517
published_at	2026-04-12T12:55:00Z

value	0.20292
scoring_system	epss
scoring_elements	0.95518
published_at	2026-04-13T12:55:00Z

value	0.20292
scoring_system	epss
scoring_elements	0.95526
published_at	2026-04-16T12:55:00Z

value	0.20292
scoring_system	epss
scoring_elements	0.95532
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14883

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1609637
reference_id	1609637
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1609637

reference_url	https://usn.ubuntu.com/3766-1/
reference_id	USN-3766-1
reference_type
scores
url	https://usn.ubuntu.com/3766-1/

reference_url	https://usn.ubuntu.com/3766-2/
reference_id	USN-3766-2
reference_type
scores
url	https://usn.ubuntu.com/3766-2/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2018-14883

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7agg-jfnb-t7c9

url VCID-8dmb-887r-zqe8

vulnerability_id VCID-8dmb-887r-zqe8

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14851.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14851.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14851

reference_id

reference_type

scores

value	0.00407
scoring_system	epss
scoring_elements	0.6103
published_at	2026-04-01T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61107
published_at	2026-04-02T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61136
published_at	2026-04-04T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61102
published_at	2026-04-07T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.6115
published_at	2026-04-08T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61165
published_at	2026-04-09T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61186
published_at	2026-04-11T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61173
published_at	2026-04-12T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61153
published_at	2026-04-13T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.61194
published_at	2026-04-16T12:55:00Z

value	0.00407
scoring_system	epss
scoring_elements	0.612
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1609642
reference_id	1609642
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1609642

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

reference_url	https://usn.ubuntu.com/3766-1/
reference_id	USN-3766-1
reference_type
scores
url	https://usn.ubuntu.com/3766-1/

reference_url	https://usn.ubuntu.com/3766-2/
reference_id	USN-3766-2
reference_type
scores
url	https://usn.ubuntu.com/3766-2/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2018-14851

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8dmb-887r-zqe8

url VCID-8kme-kjne-xubq

vulnerability_id VCID-8kme-kjne-xubq

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11035.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11035.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11035

reference_id

reference_type

scores

value	0.02968
scoring_system	epss
scoring_elements	0.86436
published_at	2026-04-01T12:55:00Z

value	0.02968
scoring_system	epss
scoring_elements	0.86522
published_at	2026-04-18T12:55:00Z

value	0.02968
scoring_system	epss
scoring_elements	0.8651
published_at	2026-04-11T12:55:00Z

value	0.02968
scoring_system	epss
scoring_elements	0.86507
published_at	2026-04-12T12:55:00Z

value	0.02968
scoring_system	epss
scoring_elements	0.86501
published_at	2026-04-13T12:55:00Z

value	0.02968
scoring_system	epss
scoring_elements	0.86517
published_at	2026-04-16T12:55:00Z

value	0.02968
scoring_system	epss
scoring_elements	0.86447
published_at	2026-04-02T12:55:00Z

value	0.02968
scoring_system	epss
scoring_elements	0.86466
published_at	2026-04-04T12:55:00Z

value	0.02968
scoring_system	epss
scoring_elements	0.86465
published_at	2026-04-07T12:55:00Z

value	0.02968
scoring_system	epss
scoring_elements	0.86484
published_at	2026-04-08T12:55:00Z

value	0.02968
scoring_system	epss
scoring_elements	0.86495
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11035

reference_url	https://bugs.php.net/bug.php?id=77831
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=77831

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html

reference_url	https://seclists.org/bugtraq/2019/Sep/38
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Sep/38

reference_url	https://security.netapp.com/advisory/ntap-20190502-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190502-0001/

reference_url	https://support.f5.com/csp/article/K44590877
reference_id
reference_type
scores
url	https://support.f5.com/csp/article/K44590877

reference_url	https://www.debian.org/security/2019/dsa-4529
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4529

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1702246
reference_id	1702246
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1702246

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_id	cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_id	cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11035

reference_id

CVE-2019-11035

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11035

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

reference_url	https://access.redhat.com/errata/RHSA-2019:3299
reference_id	RHSA-2019:3299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3299

reference_url	https://access.redhat.com/errata/RHSA-2020:1624
reference_id	RHSA-2020:1624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1624

reference_url	https://usn.ubuntu.com/3953-1/
reference_id	USN-3953-1
reference_type
scores
url	https://usn.ubuntu.com/3953-1/

reference_url	https://usn.ubuntu.com/3953-2/
reference_id	USN-3953-2
reference_type
scores
url	https://usn.ubuntu.com/3953-2/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2019-11035

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8kme-kjne-xubq

url VCID-dcbh-qs9z-ubaw

vulnerability_id VCID-dcbh-qs9z-ubaw

summary

Multiple vulnerabilities have been found in PHP, the worst of which
    could result in the execution of arbitrary shell commands.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19518.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19518.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19518

reference_id

reference_type

scores

value	0.93869
scoring_system	epss
scoring_elements	0.99871
published_at	2026-04-18T12:55:00Z

value	0.93869
scoring_system	epss
scoring_elements	0.9987
published_at	2026-04-13T12:55:00Z

value	0.93956
scoring_system	epss
scoring_elements	0.99883
published_at	2026-04-04T12:55:00Z

value	0.93956
scoring_system	epss
scoring_elements	0.99882
published_at	2026-04-02T12:55:00Z

value	0.93956
scoring_system	epss
scoring_elements	0.99884
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1654228
reference_id	1654228
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1654228

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914632
reference_id	914632
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914632

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45914.rb
reference_id	CVE-2018-19518
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45914.rb

reference_url	https://raw.githubusercontent.com/rapid7/metasploit-framework/b3ad4a03581f53c670d91e82d2a4ef00ec392f8f/modules/exploits/linux/http/php_imap_open_rce.rb
reference_id	CVE-2018-19518
reference_type	exploit
scores
url	https://raw.githubusercontent.com/rapid7/metasploit-framework/b3ad4a03581f53c670d91e82d2a4ef00ec392f8f/modules/exploits/linux/http/php_imap_open_rce.rb

reference_url	https://security.gentoo.org/glsa/202003-57
reference_id	GLSA-202003-57
reference_type
scores
url	https://security.gentoo.org/glsa/202003-57

reference_url	https://usn.ubuntu.com/4160-1/
reference_id	USN-4160-1
reference_type
scores
url	https://usn.ubuntu.com/4160-1/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2018-19518

risk_score 10.0

exploitability 2.0

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dcbh-qs9z-ubaw

url VCID-g1b8-dkd3-j3a2

vulnerability_id VCID-g1b8-dkd3-j3a2

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10166.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10166.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-10166

reference_id

reference_type

scores

value	0.08333
scoring_system	epss
scoring_elements	0.9225
published_at	2026-04-01T12:55:00Z

value	0.08333
scoring_system	epss
scoring_elements	0.92257
published_at	2026-04-02T12:55:00Z

value	0.08333
scoring_system	epss
scoring_elements	0.92263
published_at	2026-04-04T12:55:00Z

value	0.08333
scoring_system	epss
scoring_elements	0.92266
published_at	2026-04-07T12:55:00Z

value	0.08333
scoring_system	epss
scoring_elements	0.92277
published_at	2026-04-08T12:55:00Z

value	0.08333
scoring_system	epss
scoring_elements	0.92281
published_at	2026-04-09T12:55:00Z

value	0.08333
scoring_system	epss
scoring_elements	0.92287
published_at	2026-04-11T12:55:00Z

value	0.08333
scoring_system	epss
scoring_elements	0.92288
published_at	2026-04-12T12:55:00Z

value	0.08333
scoring_system	epss
scoring_elements	0.92285
published_at	2026-04-13T12:55:00Z

value	0.08333
scoring_system	epss
scoring_elements	0.92297
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-10166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1418983
reference_id	1418983
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1418983

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

reference_url	https://access.redhat.com/errata/RHSA-2019:3299
reference_id	RHSA-2019:3299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3299

reference_url	https://usn.ubuntu.com/3213-1/
reference_id	USN-3213-1
reference_type
scores
url	https://usn.ubuntu.com/3213-1/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2016-10166

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g1b8-dkd3-j3a2

url VCID-jugh-v1yu-cbcv

vulnerability_id VCID-jugh-v1yu-cbcv

summary php: Mishandled http_header_value in an atoi() call in http_fopen_wrapper.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14884.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14884.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14884

reference_id

reference_type

scores

value	0.0055
scoring_system	epss
scoring_elements	0.67907
published_at	2026-04-01T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.6793
published_at	2026-04-02T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.67949
published_at	2026-04-04T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.67928
published_at	2026-04-07T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.67979
published_at	2026-04-08T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.67992
published_at	2026-04-09T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.68015
published_at	2026-04-11T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.68002
published_at	2026-04-12T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.67967
published_at	2026-04-13T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.68004
published_at	2026-04-16T12:55:00Z

value	0.0055
scoring_system	epss
scoring_elements	0.68017
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14884

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1612362
reference_id	1612362
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1612362

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2018-14884

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jugh-v1yu-cbcv

url VCID-n2rw-3mh1-sufk

vulnerability_id VCID-n2rw-3mh1-sufk

summary ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19395

reference_id

reference_type

scores

value	0.01973
scoring_system	epss
scoring_elements	0.83483
published_at	2026-04-01T12:55:00Z

value	0.01973
scoring_system	epss
scoring_elements	0.83495
published_at	2026-04-02T12:55:00Z

value	0.01973
scoring_system	epss
scoring_elements	0.8351
published_at	2026-04-04T12:55:00Z

value	0.01973
scoring_system	epss
scoring_elements	0.83511
published_at	2026-04-07T12:55:00Z

value	0.01973
scoring_system	epss
scoring_elements	0.83535
published_at	2026-04-08T12:55:00Z

value	0.01973
scoring_system	epss
scoring_elements	0.83544
published_at	2026-04-09T12:55:00Z

value	0.01973
scoring_system	epss
scoring_elements	0.83559
published_at	2026-04-11T12:55:00Z

value	0.01973
scoring_system	epss
scoring_elements	0.83553
published_at	2026-04-12T12:55:00Z

value	0.01973
scoring_system	epss
scoring_elements	0.83549
published_at	2026-04-13T12:55:00Z

value	0.01973
scoring_system	epss
scoring_elements	0.83583
published_at	2026-04-16T12:55:00Z

value	0.01973
scoring_system	epss
scoring_elements	0.83584
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19395

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2018-19395

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n2rw-3mh1-sufk

url VCID-pn3v-35ge-fqa6

vulnerability_id VCID-pn3v-35ge-fqa6

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11036.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11036.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11036

reference_id

reference_type

scores

value	0.01688
scoring_system	epss
scoring_elements	0.82148
published_at	2026-04-01T12:55:00Z

value	0.01688
scoring_system	epss
scoring_elements	0.82161
published_at	2026-04-02T12:55:00Z

value	0.01688
scoring_system	epss
scoring_elements	0.82182
published_at	2026-04-04T12:55:00Z

value	0.01688
scoring_system	epss
scoring_elements	0.82179
published_at	2026-04-07T12:55:00Z

value	0.01688
scoring_system	epss
scoring_elements	0.82205
published_at	2026-04-08T12:55:00Z

value	0.01688
scoring_system	epss
scoring_elements	0.82212
published_at	2026-04-09T12:55:00Z

value	0.01688
scoring_system	epss
scoring_elements	0.82232
published_at	2026-04-11T12:55:00Z

value	0.01688
scoring_system	epss
scoring_elements	0.82224
published_at	2026-04-12T12:55:00Z

value	0.01688
scoring_system	epss
scoring_elements	0.82218
published_at	2026-04-13T12:55:00Z

value	0.01688
scoring_system	epss
scoring_elements	0.82254
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11036

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1707299
reference_id	1707299
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1707299

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

reference_url	https://access.redhat.com/errata/RHSA-2019:3299
reference_id	RHSA-2019:3299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3299

reference_url	https://access.redhat.com/errata/RHSA-2020:1624
reference_id	RHSA-2020:1624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1624

reference_url	https://usn.ubuntu.com/3566-2/
reference_id	USN-3566-2
reference_type
scores
url	https://usn.ubuntu.com/3566-2/

reference_url	https://usn.ubuntu.com/4009-1/
reference_id	USN-4009-1
reference_type
scores
url	https://usn.ubuntu.com/4009-1/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2019-11036

risk_score 1.8

exploitability 0.5

weighted_severity 3.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pn3v-35ge-fqa6

url VCID-ps5m-es4t-5fbm

vulnerability_id VCID-ps5m-es4t-5fbm

summary

Multiple vulnerabilities have been found in PHP, the worst of which
    could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17082.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17082.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-17082

reference_id

reference_type

scores

value	0.08241
scoring_system	epss
scoring_elements	0.92191
published_at	2026-04-01T12:55:00Z

value	0.08241
scoring_system	epss
scoring_elements	0.92198
published_at	2026-04-02T12:55:00Z

value	0.08241
scoring_system	epss
scoring_elements	0.92204
published_at	2026-04-04T12:55:00Z

value	0.08241
scoring_system	epss
scoring_elements	0.92207
published_at	2026-04-07T12:55:00Z

value	0.08241
scoring_system	epss
scoring_elements	0.92219
published_at	2026-04-08T12:55:00Z

value	0.08241
scoring_system	epss
scoring_elements	0.92222
published_at	2026-04-09T12:55:00Z

value	0.08241
scoring_system	epss
scoring_elements	0.92228
published_at	2026-04-11T12:55:00Z

value	0.08241
scoring_system	epss
scoring_elements	0.92229
published_at	2026-04-12T12:55:00Z

value	0.08241
scoring_system	epss
scoring_elements	0.92225
published_at	2026-04-13T12:55:00Z

value	0.08241
scoring_system	epss
scoring_elements	0.92238
published_at	2026-04-16T12:55:00Z

value	0.08241
scoring_system	epss
scoring_elements	0.92237
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-17082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1629552
reference_id	1629552
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1629552

reference_url	https://security.gentoo.org/glsa/201812-01
reference_id	GLSA-201812-01
reference_type
scores
url	https://security.gentoo.org/glsa/201812-01

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2018-17082

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ps5m-es4t-5fbm

url VCID-psz8-fjxf-xuge

vulnerability_id VCID-psz8-fjxf-xuge

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00083.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9641.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9641.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9641

reference_id

reference_type

scores

value	0.52083
scoring_system	epss
scoring_elements	0.97893
published_at	2026-04-01T12:55:00Z

value	0.52083
scoring_system	epss
scoring_elements	0.97925
published_at	2026-04-18T12:55:00Z

value	0.52083
scoring_system	epss
scoring_elements	0.97915
published_at	2026-04-12T12:55:00Z

value	0.52083
scoring_system	epss
scoring_elements	0.97917
published_at	2026-04-13T12:55:00Z

value	0.52083
scoring_system	epss
scoring_elements	0.97924
published_at	2026-04-16T12:55:00Z

value	0.52083
scoring_system	epss
scoring_elements	0.97899
published_at	2026-04-02T12:55:00Z

value	0.52083
scoring_system	epss
scoring_elements	0.97901
published_at	2026-04-04T12:55:00Z

value	0.52083
scoring_system	epss
scoring_elements	0.97904
published_at	2026-04-07T12:55:00Z

value	0.52083
scoring_system	epss
scoring_elements	0.97908
published_at	2026-04-08T12:55:00Z

value	0.52083
scoring_system	epss
scoring_elements	0.97911
published_at	2026-04-09T12:55:00Z

value	0.52083
scoring_system	epss
scoring_elements	0.97914
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9641

reference_url	https://bugs.php.net/bug.php?id=77509
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=77509

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html

reference_url	https://security.netapp.com/advisory/ntap-20190502-0007/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190502-0007/

reference_url	https://www.debian.org/security/2019/dsa-4403
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4403

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1688943
reference_id	1688943
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1688943

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_id	cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9641

reference_id

CVE-2019-9641

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9641

reference_url	https://usn.ubuntu.com/3922-1/
reference_id	USN-3922-1
reference_type
scores
url	https://usn.ubuntu.com/3922-1/

reference_url	https://usn.ubuntu.com/3922-2/
reference_id	USN-3922-2
reference_type
scores
url	https://usn.ubuntu.com/3922-2/

reference_url	https://usn.ubuntu.com/3922-3/
reference_id	USN-3922-3
reference_type
scores
url	https://usn.ubuntu.com/3922-3/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2019-9641

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-psz8-fjxf-xuge

url VCID-rjc8-9tfv-sfdk

vulnerability_id VCID-rjc8-9tfv-sfdk

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9637.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9637.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9637

reference_id

reference_type

scores

value	0.0987
scoring_system	epss
scoring_elements	0.92962
published_at	2026-04-01T12:55:00Z

value	0.0987
scoring_system	epss
scoring_elements	0.93004
published_at	2026-04-18T12:55:00Z

value	0.0987
scoring_system	epss
scoring_elements	0.9299
published_at	2026-04-12T12:55:00Z

value	0.0987
scoring_system	epss
scoring_elements	0.92991
published_at	2026-04-13T12:55:00Z

value	0.0987
scoring_system	epss
scoring_elements	0.93001
published_at	2026-04-16T12:55:00Z

value	0.0987
scoring_system	epss
scoring_elements	0.92971
published_at	2026-04-02T12:55:00Z

value	0.0987
scoring_system	epss
scoring_elements	0.92975
published_at	2026-04-04T12:55:00Z

value	0.0987
scoring_system	epss
scoring_elements	0.92974
published_at	2026-04-07T12:55:00Z

value	0.0987
scoring_system	epss
scoring_elements	0.92982
published_at	2026-04-08T12:55:00Z

value	0.0987
scoring_system	epss
scoring_elements	0.92987
published_at	2026-04-09T12:55:00Z

value	0.0987
scoring_system	epss
scoring_elements	0.92992
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9637

reference_url	https://bugs.php.net/bug.php?id=77630
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=77630

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html

reference_url	https://security.netapp.com/advisory/ntap-20190502-0007/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190502-0007/

reference_url	https://support.f5.com/csp/article/K53825211
reference_id
reference_type
scores
url	https://support.f5.com/csp/article/K53825211

reference_url	https://www.debian.org/security/2019/dsa-4403
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4403

reference_url	https://www.tenable.com/security/tns-2019-07
reference_id
reference_type
scores
url	https://www.tenable.com/security/tns-2019-07

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1688897
reference_id	1688897
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1688897

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_id	cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9637

reference_id

CVE-2019-9637

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9637

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

reference_url	https://access.redhat.com/errata/RHSA-2019:3299
reference_id	RHSA-2019:3299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3299

reference_url	https://access.redhat.com/errata/RHSA-2020:1624
reference_id	RHSA-2020:1624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1624

reference_url	https://usn.ubuntu.com/3922-1/
reference_id	USN-3922-1
reference_type
scores
url	https://usn.ubuntu.com/3922-1/

reference_url	https://usn.ubuntu.com/3922-2/
reference_id	USN-3922-2
reference_type
scores
url	https://usn.ubuntu.com/3922-2/

reference_url	https://usn.ubuntu.com/3922-3/
reference_id	USN-3922-3
reference_type
scores
url	https://usn.ubuntu.com/3922-3/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2019-9637

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rjc8-9tfv-sfdk

url VCID-tk4q-pasf-uucd

vulnerability_id VCID-tk4q-pasf-uucd

summary An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-15132

reference_id

reference_type

scores

value	0.04902
scoring_system	epss
scoring_elements	0.8956
published_at	2026-04-01T12:55:00Z

value	0.04902
scoring_system	epss
scoring_elements	0.89564
published_at	2026-04-02T12:55:00Z

value	0.04902
scoring_system	epss
scoring_elements	0.89577
published_at	2026-04-04T12:55:00Z

value	0.04902
scoring_system	epss
scoring_elements	0.89578
published_at	2026-04-07T12:55:00Z

value	0.04902
scoring_system	epss
scoring_elements	0.89594
published_at	2026-04-08T12:55:00Z

value	0.04902
scoring_system	epss
scoring_elements	0.89599
published_at	2026-04-13T12:55:00Z

value	0.04902
scoring_system	epss
scoring_elements	0.89606
published_at	2026-04-11T12:55:00Z

value	0.04902
scoring_system	epss
scoring_elements	0.89605
published_at	2026-04-12T12:55:00Z

value	0.04902
scoring_system	epss
scoring_elements	0.89612
published_at	2026-04-16T12:55:00Z

value	0.04902
scoring_system	epss
scoring_elements	0.89614
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-15132

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2018-15132

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tk4q-pasf-uucd

url VCID-uebj-pchu-r3ed

vulnerability_id VCID-uebj-pchu-r3ed

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19935.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19935.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19935

reference_id

reference_type

scores

value	0.23723
scoring_system	epss
scoring_elements	0.95966
published_at	2026-04-01T12:55:00Z

value	0.23723
scoring_system	epss
scoring_elements	0.95973
published_at	2026-04-02T12:55:00Z

value	0.23723
scoring_system	epss
scoring_elements	0.9598
published_at	2026-04-04T12:55:00Z

value	0.23723
scoring_system	epss
scoring_elements	0.95984
published_at	2026-04-07T12:55:00Z

value	0.23723
scoring_system	epss
scoring_elements	0.95993
published_at	2026-04-08T12:55:00Z

value	0.23723
scoring_system	epss
scoring_elements	0.95995
published_at	2026-04-09T12:55:00Z

value	0.23723
scoring_system	epss
scoring_elements	0.95999
published_at	2026-04-12T12:55:00Z

value	0.23723
scoring_system	epss
scoring_elements	0.96001
published_at	2026-04-13T12:55:00Z

value	0.23723
scoring_system	epss
scoring_elements	0.96011
published_at	2026-04-16T12:55:00Z

value	0.23723
scoring_system	epss
scoring_elements	0.96016
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19935

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17082

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19518

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19935

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20783

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1660525
reference_id	1660525
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1660525

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2018-19935

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uebj-pchu-r3ed

url VCID-vh94-jp2p-zygp

vulnerability_id VCID-vh94-jp2p-zygp

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00104.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9640.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9640.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9640

reference_id

reference_type

scores

value	0.16236
scoring_system	epss
scoring_elements	0.94783
published_at	2026-04-01T12:55:00Z

value	0.16236
scoring_system	epss
scoring_elements	0.94829
published_at	2026-04-18T12:55:00Z

value	0.16236
scoring_system	epss
scoring_elements	0.94818
published_at	2026-04-12T12:55:00Z

value	0.16236
scoring_system	epss
scoring_elements	0.94819
published_at	2026-04-13T12:55:00Z

value	0.16236
scoring_system	epss
scoring_elements	0.94826
published_at	2026-04-16T12:55:00Z

value	0.16236
scoring_system	epss
scoring_elements	0.94793
published_at	2026-04-02T12:55:00Z

value	0.16236
scoring_system	epss
scoring_elements	0.94796
published_at	2026-04-04T12:55:00Z

value	0.16236
scoring_system	epss
scoring_elements	0.94797
published_at	2026-04-07T12:55:00Z

value	0.16236
scoring_system	epss
scoring_elements	0.94807
published_at	2026-04-08T12:55:00Z

value	0.16236
scoring_system	epss
scoring_elements	0.94811
published_at	2026-04-09T12:55:00Z

value	0.16236
scoring_system	epss
scoring_elements	0.94815
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9640

reference_url	https://bugs.php.net/bug.php?id=77540
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=77540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html

reference_url	https://security.netapp.com/advisory/ntap-20190502-0007/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190502-0007/

reference_url	https://www.debian.org/security/2019/dsa-4403
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4403

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1688939
reference_id	1688939
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1688939

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_id	cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_id	cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9640

reference_id

CVE-2019-9640

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9640

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

reference_url	https://access.redhat.com/errata/RHSA-2019:3299
reference_id	RHSA-2019:3299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3299

reference_url	https://access.redhat.com/errata/RHSA-2020:1624
reference_id	RHSA-2020:1624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1624

reference_url	https://usn.ubuntu.com/3922-1/
reference_id	USN-3922-1
reference_type
scores
url	https://usn.ubuntu.com/3922-1/

reference_url	https://usn.ubuntu.com/3922-2/
reference_id	USN-3922-2
reference_type
scores
url	https://usn.ubuntu.com/3922-2/

reference_url	https://usn.ubuntu.com/3922-3/
reference_id	USN-3922-3
reference_type
scores
url	https://usn.ubuntu.com/3922-3/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2019-9640

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vh94-jp2p-zygp

url VCID-vtnn-62dq-yuee

vulnerability_id VCID-vtnn-62dq-yuee

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00010.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00012.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00041.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00044.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11034.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11034.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11034

reference_id

reference_type

scores

value	0.02738
scoring_system	epss
scoring_elements	0.8591
published_at	2026-04-01T12:55:00Z

value	0.02738
scoring_system	epss
scoring_elements	0.85999
published_at	2026-04-18T12:55:00Z

value	0.02738
scoring_system	epss
scoring_elements	0.85983
published_at	2026-04-11T12:55:00Z

value	0.02738
scoring_system	epss
scoring_elements	0.85981
published_at	2026-04-12T12:55:00Z

value	0.02738
scoring_system	epss
scoring_elements	0.85976
published_at	2026-04-13T12:55:00Z

value	0.02738
scoring_system	epss
scoring_elements	0.85994
published_at	2026-04-16T12:55:00Z

value	0.02738
scoring_system	epss
scoring_elements	0.85921
published_at	2026-04-02T12:55:00Z

value	0.02738
scoring_system	epss
scoring_elements	0.85938
published_at	2026-04-04T12:55:00Z

value	0.02738
scoring_system	epss
scoring_elements	0.85939
published_at	2026-04-07T12:55:00Z

value	0.02738
scoring_system	epss
scoring_elements	0.85958
published_at	2026-04-08T12:55:00Z

value	0.02738
scoring_system	epss
scoring_elements	0.85968
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11034

reference_url	https://bugs.php.net/bug.php?id=77753
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=77753

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/05/msg00035.html

reference_url	https://seclists.org/bugtraq/2019/Sep/38
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Sep/38

reference_url	https://security.netapp.com/advisory/ntap-20190502-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190502-0001/

reference_url	https://support.f5.com/csp/article/K44590877
reference_id
reference_type
scores
url	https://support.f5.com/csp/article/K44590877

reference_url	https://www.debian.org/security/2019/dsa-4529
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4529

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1702256
reference_id	1702256
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1702256

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_id	cpe:2.3:a:netapp:storage_automation_store:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_id	cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-11034

reference_id

CVE-2019-11034

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-11034

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

reference_url	https://access.redhat.com/errata/RHSA-2019:3299
reference_id	RHSA-2019:3299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3299

reference_url	https://access.redhat.com/errata/RHSA-2020:1624
reference_id	RHSA-2020:1624
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1624

reference_url	https://usn.ubuntu.com/3953-1/
reference_id	USN-3953-1
reference_type
scores
url	https://usn.ubuntu.com/3953-1/

reference_url	https://usn.ubuntu.com/3953-2/
reference_id	USN-3953-2
reference_type
scores
url	https://usn.ubuntu.com/3953-2/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2019-11034

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vtnn-62dq-yuee

url VCID-xh65-k3uv-77af

vulnerability_id VCID-xh65-k3uv-77af

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5712.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5712.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5712

reference_id

reference_type

scores

value	0.89192
scoring_system	epss
scoring_elements	0.9953
published_at	2026-04-02T12:55:00Z

value	0.89192
scoring_system	epss
scoring_elements	0.99532
published_at	2026-04-04T12:55:00Z

value	0.89192
scoring_system	epss
scoring_elements	0.99533
published_at	2026-04-07T12:55:00Z

value	0.89192
scoring_system	epss
scoring_elements	0.99534
published_at	2026-04-09T12:55:00Z

value	0.89192
scoring_system	epss
scoring_elements	0.99535
published_at	2026-04-12T12:55:00Z

value	0.89192
scoring_system	epss
scoring_elements	0.99536
published_at	2026-04-13T12:55:00Z

value	0.89192
scoring_system	epss
scoring_elements	0.99538
published_at	2026-04-16T12:55:00Z

value	0.89192
scoring_system	epss
scoring_elements	0.99539
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5712

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11142
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11142

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11143
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11143

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11144
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11144

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11145
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11145

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16642
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16642

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1535251
reference_id	1535251
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1535251

reference_url	https://access.redhat.com/errata/RHSA-2018:1296
reference_id	RHSA-2018:1296
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1296

reference_url	https://access.redhat.com/errata/RHSA-2019:2519
reference_id	RHSA-2019:2519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2519

reference_url	https://access.redhat.com/errata/RHSA-2020:1112
reference_id	RHSA-2020:1112
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1112

reference_url	https://usn.ubuntu.com/3566-1/
reference_id	USN-3566-1
reference_type
scores
url	https://usn.ubuntu.com/3566-1/

reference_url	https://usn.ubuntu.com/3600-1/
reference_id	USN-3600-1
reference_type
scores
url	https://usn.ubuntu.com/3600-1/

reference_url	https://usn.ubuntu.com/3600-2/
reference_id	USN-3600-2
reference_type
scores
url	https://usn.ubuntu.com/3600-2/

fixed_packages

url	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
purl	pkg:apk/alpine/php7@7.1.29-r0?arch=x86_64&distroversion=v3.7&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

aliases CVE-2018-5712

risk_score 10.0

exploitability 2.0

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xh65-k3uv-77af

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/php7@7.1.29-r0%3Farch=x86_64&distroversion=v3.7&reponame=community

Package Instance