Package Instance

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3480

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3480.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3480.json

reference_url

reference_id

reference_type

scores

value	0.06258
scoring_system	epss
scoring_elements	0.90865
published_at	2026-04-01T12:55:00Z

value	0.06258
scoring_system	epss
scoring_elements	0.9087
published_at	2026-04-02T12:55:00Z

value	0.06258
scoring_system	epss
scoring_elements	0.9088
published_at	2026-04-04T12:55:00Z

value	0.06258
scoring_system	epss
scoring_elements	0.90891
published_at	2026-04-07T12:55:00Z

value	0.06258
scoring_system	epss
scoring_elements	0.90903
published_at	2026-04-08T12:55:00Z

value	0.06258
scoring_system	epss
scoring_elements	0.90909
published_at	2026-04-09T12:55:00Z

value	0.06258
scoring_system	epss
scoring_elements	0.90918
published_at	2026-04-12T12:55:00Z

value	0.06258
scoring_system	epss
scoring_elements	0.90916
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3480

reference_url

https://bugs.php.net/bug.php?id=67412

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

https://bugs.php.net/bug.php?id=67412

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

reference_url

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

http://www.securityfocus.com/bid/68238

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/

url

http://www.securityfocus.com/bid/68238

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1104858
reference_id	1104858
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1104858

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file::::::::
reference_id	cpe:2.3:a:file_project:file::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::
reference_id	cpe:2.3:o:oracle:linux:7:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-3480

reference_id

CVE-2014-3480

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2014-3480

reference_url	https://access.redhat.com/errata/RHSA-2014:1012
reference_id	RHSA-2014:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1012

reference_url	https://access.redhat.com/errata/RHSA-2014:1013
reference_id	RHSA-2014:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1013

reference_url	https://access.redhat.com/errata/RHSA-2014:1606
reference_id	RHSA-2014:1606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1606

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

reference_url	https://access.redhat.com/errata/RHSA-2014:1766
reference_id	RHSA-2014:1766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1766

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

reference_url	https://usn.ubuntu.com/2276-1/
reference_id	USN-2276-1
reference_type
scores
url	https://usn.ubuntu.com/2276-1/

reference_url	https://usn.ubuntu.com/2278-1/
reference_id	USN-2278-1
reference_type
scores
url	https://usn.ubuntu.com/2278-1/

fixed_packages

url	pkg:deb/debian/file@1:5.19-1?distro=trixie
purl	pkg:deb/debian/file@1:5.19-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-3480

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1wcd-dm5g-j7g7

url VCID-241u-c539-sudk

vulnerability_id VCID-241u-c539-sudk

summary security update

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0237.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0237.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0237

reference_id

reference_type

scores

value	0.38243
scoring_system	epss
scoring_elements	0.97198
published_at	2026-04-01T12:55:00Z

value	0.38243
scoring_system	epss
scoring_elements	0.97205
published_at	2026-04-02T12:55:00Z

value	0.38243
scoring_system	epss
scoring_elements	0.9721
published_at	2026-04-04T12:55:00Z

value	0.38243
scoring_system	epss
scoring_elements	0.97211
published_at	2026-04-07T12:55:00Z

value	0.38243
scoring_system	epss
scoring_elements	0.9722
published_at	2026-04-08T12:55:00Z

value	0.38243
scoring_system	epss
scoring_elements	0.97221
published_at	2026-04-09T12:55:00Z

value	0.38243
scoring_system	epss
scoring_elements	0.97225
published_at	2026-04-11T12:55:00Z

value	0.38243
scoring_system	epss
scoring_elements	0.97226
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1098193
reference_id	1098193
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1098193

reference_url	https://security.gentoo.org/glsa/201408-11
reference_id	GLSA-201408-11
reference_type
scores
url	https://security.gentoo.org/glsa/201408-11

reference_url	https://access.redhat.com/errata/RHSA-2014:1012
reference_id	RHSA-2014:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1012

reference_url	https://access.redhat.com/errata/RHSA-2014:1013
reference_id	RHSA-2014:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1013

reference_url	https://access.redhat.com/errata/RHSA-2014:1606
reference_id	RHSA-2014:1606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1606

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

reference_url	https://access.redhat.com/errata/RHSA-2014:1766
reference_id	RHSA-2014:1766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1766

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

reference_url	https://usn.ubuntu.com/2254-1/
reference_id	USN-2254-1
reference_type
scores
url	https://usn.ubuntu.com/2254-1/

fixed_packages

url	pkg:deb/debian/file@1:5.19-1?distro=trixie
purl	pkg:deb/debian/file@1:5.19-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-0237

risk_score 0.1

exploitability 0.5

weighted_severity 0.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-241u-c539-sudk

url VCID-2td7-hxf4-7kab

vulnerability_id VCID-2td7-hxf4-7kab

summary several

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2270.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2270.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-2270

reference_id

reference_type

scores

value	0.27067
scoring_system	epss
scoring_elements	0.9634
published_at	2026-04-01T12:55:00Z

value	0.27067
scoring_system	epss
scoring_elements	0.96347
published_at	2026-04-02T12:55:00Z

value	0.27067
scoring_system	epss
scoring_elements	0.96352
published_at	2026-04-04T12:55:00Z

value	0.27067
scoring_system	epss
scoring_elements	0.96356
published_at	2026-04-07T12:55:00Z

value	0.27067
scoring_system	epss
scoring_elements	0.96364
published_at	2026-04-08T12:55:00Z

value	0.27067
scoring_system	epss
scoring_elements	0.96367
published_at	2026-04-09T12:55:00Z

value	0.27067
scoring_system	epss
scoring_elements	0.96371
published_at	2026-04-12T12:55:00Z

value	0.27067
scoring_system	epss
scoring_elements	0.96374
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-2270

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1072220
reference_id	1072220
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1072220

reference_url	https://security.gentoo.org/glsa/201408-11
reference_id	GLSA-201408-11
reference_type
scores
url	https://security.gentoo.org/glsa/201408-11

reference_url	https://security.gentoo.org/glsa/201503-08
reference_id	GLSA-201503-08
reference_type
scores
url	https://security.gentoo.org/glsa/201503-08

reference_url	https://access.redhat.com/errata/RHSA-2014:1012
reference_id	RHSA-2014:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1012

reference_url	https://access.redhat.com/errata/RHSA-2014:1606
reference_id	RHSA-2014:1606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1606

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

reference_url	https://usn.ubuntu.com/2162-1/
reference_id	USN-2162-1
reference_type
scores
url	https://usn.ubuntu.com/2162-1/

reference_url	https://usn.ubuntu.com/2163-1/
reference_id	USN-2163-1
reference_type
scores
url	https://usn.ubuntu.com/2163-1/

fixed_packages

url	pkg:deb/debian/file@1:5.17-1?distro=trixie
purl	pkg:deb/debian/file@1:5.17-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.17-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-2270

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2td7-hxf4-7kab

url VCID-479u-yvtq-4qde

vulnerability_id VCID-479u-yvtq-4qde

summary

A stack-based buffer overflow was found in file, possibly resulting
    in the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000249.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000249.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000249

reference_id

reference_type

scores

value	0.00138
scoring_system	epss
scoring_elements	0.33687
published_at	2026-04-01T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33923
published_at	2026-04-13T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33989
published_at	2026-04-11T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33946
published_at	2026-04-12T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.3403
published_at	2026-04-02T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.34061
published_at	2026-04-04T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33916
published_at	2026-04-07T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.33958
published_at	2026-04-08T12:55:00Z

value	0.00138
scoring_system	epss
scoring_elements	0.3399
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000249

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000249
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000249

reference_url	https://github.com/file/file/commit/35c94dc6acc418f1ad7f6241a6680e5327495793
reference_id
reference_type
scores
url	https://github.com/file/file/commit/35c94dc6acc418f1ad7f6241a6680e5327495793

reference_url	https://github.com/file/file/commit/9611f31313a93aa036389c5f3b15eea53510d4d
reference_id
reference_type
scores
url	https://github.com/file/file/commit/9611f31313a93aa036389c5f3b15eea53510d4d

reference_url	http://www.debian.org/security/2017/dsa-3965
reference_id
reference_type
scores
url	http://www.debian.org/security/2017/dsa-3965

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1488053
reference_id	1488053
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1488053

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.29:::::::*
reference_id	cpe:2.3:a:file_project:file:5.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.29:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-1000249

reference_id

CVE-2017-1000249

reference_type

scores

value	2.1
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:N/I:P/A:N

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-1000249

reference_url	https://security.gentoo.org/glsa/201710-02
reference_id	GLSA-201710-02
reference_type
scores
url	https://security.gentoo.org/glsa/201710-02

reference_url	https://usn.ubuntu.com/3412-1/
reference_id	USN-3412-1
reference_type
scores
url	https://usn.ubuntu.com/3412-1/

fixed_packages

url	pkg:deb/debian/file@1:5.32-1?distro=trixie
purl	pkg:deb/debian/file@1:5.32-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.32-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2017-1000249

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-479u-yvtq-4qde

url VCID-53je-bpjt-z7gc

vulnerability_id VCID-53je-bpjt-z7gc

summary

Multiple vulnerabilities have been found in file, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9653.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9653.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9653

reference_id

reference_type

scores

value	0.06827
scoring_system	epss
scoring_elements	0.91291
published_at	2026-04-01T12:55:00Z

value	0.06827
scoring_system	epss
scoring_elements	0.91296
published_at	2026-04-02T12:55:00Z

value	0.06827
scoring_system	epss
scoring_elements	0.91307
published_at	2026-04-04T12:55:00Z

value	0.06827
scoring_system	epss
scoring_elements	0.91313
published_at	2026-04-07T12:55:00Z

value	0.06827
scoring_system	epss
scoring_elements	0.91326
published_at	2026-04-08T12:55:00Z

value	0.06827
scoring_system	epss
scoring_elements	0.91331
published_at	2026-04-09T12:55:00Z

value	0.06827
scoring_system	epss
scoring_elements	0.91339
published_at	2026-04-11T12:55:00Z

value	0.06827
scoring_system	epss
scoring_elements	0.91341
published_at	2026-04-12T12:55:00Z

value	0.06827
scoring_system	epss
scoring_elements	0.9134
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9653

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1190116
reference_id	1190116
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1190116

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777585
reference_id	777585
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777585

reference_url	https://security.gentoo.org/glsa/201701-42
reference_id	GLSA-201701-42
reference_type
scores
url	https://security.gentoo.org/glsa/201701-42

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

reference_url	https://access.redhat.com/errata/RHSA-2016:0760
reference_id	RHSA-2016:0760
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0760

reference_url	https://usn.ubuntu.com/3686-1/
reference_id	USN-3686-1
reference_type
scores
url	https://usn.ubuntu.com/3686-1/

fixed_packages

url	pkg:deb/debian/file@1:5.22%2B15-1?distro=trixie
purl	pkg:deb/debian/file@1:5.22%2B15-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.22%252B15-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-9653

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-53je-bpjt-z7gc

url VCID-6qge-zq5j-gkes

vulnerability_id VCID-6qge-zq5j-gkes

summary file: root_storage NULL pointer deference flaw in CDF parser

references

reference_url	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f3f22ff5c697aef854ffc1918bce708b37481b0f
reference_id
reference_type
scores
url	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f3f22ff5c697aef854ffc1918bce708b37481b0f

reference_url	http://php.net/ChangeLog-5.php
reference_id
reference_type
scores
url	http://php.net/ChangeLog-5.php

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0236.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0236.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0236

reference_id

reference_type

scores

value	0.00582
scoring_system	epss
scoring_elements	0.68946
published_at	2026-04-13T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68975
published_at	2026-04-12T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.6888
published_at	2026-04-01T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68897
published_at	2026-04-02T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68919
published_at	2026-04-04T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68898
published_at	2026-04-07T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68949
published_at	2026-04-08T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.68968
published_at	2026-04-09T12:55:00Z

value	0.00582
scoring_system	epss
scoring_elements	0.6899
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0236

reference_url	https://bugs.php.net/bug.php?id=67329
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=67329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0236
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0236

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1098209
reference_id	1098209
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1098209

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-0236

reference_id

CVE-2014-0236

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2014-0236

fixed_packages

url	pkg:deb/debian/file@1:5.19-1?distro=trixie
purl	pkg:deb/debian/file@1:5.19-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-0236

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6qge-zq5j-gkes

url VCID-72u3-dvr8-4yh2

vulnerability_id VCID-72u3-dvr8-4yh2

summary security update

references

reference_url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html

reference_url	http://marc.info/?l=bugtraq&m=141017844705317&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=141017844705317&w=2

reference_url	http://mx.gw.com/pipermail/file/2014/001553.html
reference_id
reference_type
scores
url	http://mx.gw.com/pipermail/file/2014/001553.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1765.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1765.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1766.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1766.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3479.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3479.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3479

reference_id

reference_type

scores

value	0.10357
scoring_system	epss
scoring_elements	0.93197
published_at	2026-04-13T12:55:00Z

value	0.10357
scoring_system	epss
scoring_elements	0.93168
published_at	2026-04-01T12:55:00Z

value	0.10357
scoring_system	epss
scoring_elements	0.93177
published_at	2026-04-02T12:55:00Z

value	0.10357
scoring_system	epss
scoring_elements	0.93182
published_at	2026-04-04T12:55:00Z

value	0.10357
scoring_system	epss
scoring_elements	0.9318
published_at	2026-04-07T12:55:00Z

value	0.10357
scoring_system	epss
scoring_elements	0.93189
published_at	2026-04-08T12:55:00Z

value	0.10357
scoring_system	epss
scoring_elements	0.93193
published_at	2026-04-09T12:55:00Z

value	0.10357
scoring_system	epss
scoring_elements	0.93198
published_at	2026-04-11T12:55:00Z

value	0.10357
scoring_system	epss
scoring_elements	0.93196
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3479

reference_url	https://bugs.php.net/bug.php?id=67411
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=67411

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721

reference_url	http://secunia.com/advisories/59794
reference_id
reference_type
scores
url	http://secunia.com/advisories/59794

reference_url	http://secunia.com/advisories/59831
reference_id
reference_type
scores
url	http://secunia.com/advisories/59831

reference_url	https://github.com/file/file/commit/36fadd29849b8087af9f4586f89dbf74ea45be67
reference_id
reference_type
scores
url	https://github.com/file/file/commit/36fadd29849b8087af9f4586f89dbf74ea45be67

reference_url	https://support.apple.com/HT204659
reference_id
reference_type
scores
url	https://support.apple.com/HT204659

reference_url	http://support.apple.com/kb/HT6443
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT6443

reference_url	http://www.debian.org/security/2014/dsa-2974
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-2974

reference_url	http://www.debian.org/security/2014/dsa-3021
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3021

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.php.net/ChangeLog-5.php
reference_id
reference_type
scores
url	http://www.php.net/ChangeLog-5.php

reference_url	http://www.securityfocus.com/bid/68241
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/68241

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1104869
reference_id	1104869
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1104869

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file::::::::
reference_id	cpe:2.3:a:file_project:file::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::
reference_id	cpe:2.3:o:oracle:linux:7:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-3479

reference_id

CVE-2014-3479

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-3479

reference_url	https://access.redhat.com/errata/RHSA-2014:1012
reference_id	RHSA-2014:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1012

reference_url	https://access.redhat.com/errata/RHSA-2014:1013
reference_id	RHSA-2014:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1013

reference_url	https://access.redhat.com/errata/RHSA-2014:1606
reference_id	RHSA-2014:1606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1606

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

reference_url	https://access.redhat.com/errata/RHSA-2014:1766
reference_id	RHSA-2014:1766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1766

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

reference_url	https://usn.ubuntu.com/2276-1/
reference_id	USN-2276-1
reference_type
scores
url	https://usn.ubuntu.com/2276-1/

reference_url	https://usn.ubuntu.com/2278-1/
reference_id	USN-2278-1
reference_type
scores
url	https://usn.ubuntu.com/2278-1/

fixed_packages

url	pkg:deb/debian/file@1:5.19-1?distro=trixie
purl	pkg:deb/debian/file@1:5.19-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-3479

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-72u3-dvr8-4yh2

url VCID-81ub-45sb-3kg3

vulnerability_id VCID-81ub-45sb-3kg3

summary security update

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0238.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0238.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0238

reference_id

reference_type

scores

value	0.26161
scoring_system	epss
scoring_elements	0.96254
published_at	2026-04-01T12:55:00Z

value	0.26161
scoring_system	epss
scoring_elements	0.96261
published_at	2026-04-02T12:55:00Z

value	0.26161
scoring_system	epss
scoring_elements	0.96269
published_at	2026-04-04T12:55:00Z

value	0.26161
scoring_system	epss
scoring_elements	0.96273
published_at	2026-04-07T12:55:00Z

value	0.26161
scoring_system	epss
scoring_elements	0.96283
published_at	2026-04-08T12:55:00Z

value	0.26161
scoring_system	epss
scoring_elements	0.96286
published_at	2026-04-09T12:55:00Z

value	0.26161
scoring_system	epss
scoring_elements	0.9629
published_at	2026-04-12T12:55:00Z

value	0.26161
scoring_system	epss
scoring_elements	0.96293
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1098155
reference_id	1098155
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1098155

reference_url	https://security.gentoo.org/glsa/201408-11
reference_id	GLSA-201408-11
reference_type
scores
url	https://security.gentoo.org/glsa/201408-11

reference_url	https://access.redhat.com/errata/RHSA-2014:1012
reference_id	RHSA-2014:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1012

reference_url	https://access.redhat.com/errata/RHSA-2014:1013
reference_id	RHSA-2014:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1013

reference_url	https://access.redhat.com/errata/RHSA-2014:1606
reference_id	RHSA-2014:1606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1606

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

reference_url	https://access.redhat.com/errata/RHSA-2014:1766
reference_id	RHSA-2014:1766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1766

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

reference_url	https://usn.ubuntu.com/2254-1/
reference_id	USN-2254-1
reference_type
scores
url	https://usn.ubuntu.com/2254-1/

fixed_packages

url	pkg:deb/debian/file@1:5.19-1?distro=trixie
purl	pkg:deb/debian/file@1:5.19-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-0238

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81ub-45sb-3kg3

url VCID-8hc8-whcd-x7ed

vulnerability_id VCID-8hc8-whcd-x7ed

summary

Vulnerabilities in file could allow a context-dependent attack to
    create a Denial of Service condition.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9620.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9620.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9620

reference_id

reference_type

scores

value	0.06505
scoring_system	epss
scoring_elements	0.91055
published_at	2026-04-01T12:55:00Z

value	0.06505
scoring_system	epss
scoring_elements	0.9106
published_at	2026-04-02T12:55:00Z

value	0.06505
scoring_system	epss
scoring_elements	0.9107
published_at	2026-04-04T12:55:00Z

value	0.06505
scoring_system	epss
scoring_elements	0.91078
published_at	2026-04-07T12:55:00Z

value	0.06505
scoring_system	epss
scoring_elements	0.91091
published_at	2026-04-08T12:55:00Z

value	0.06505
scoring_system	epss
scoring_elements	0.91097
published_at	2026-04-09T12:55:00Z

value	0.0829
scoring_system	epss
scoring_elements	0.92253
published_at	2026-04-11T12:55:00Z

value	0.0829
scoring_system	epss
scoring_elements	0.92254
published_at	2026-04-12T12:55:00Z

value	0.0829
scoring_system	epss
scoring_elements	0.92251
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1180639
reference_id	1180639
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1180639

reference_url	https://security.gentoo.org/glsa/201503-08
reference_id	GLSA-201503-08
reference_type
scores
url	https://security.gentoo.org/glsa/201503-08

reference_url	https://access.redhat.com/errata/RHSA-2016:0760
reference_id	RHSA-2016:0760
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0760

reference_url	https://usn.ubuntu.com/3686-1/
reference_id	USN-3686-1
reference_type
scores
url	https://usn.ubuntu.com/3686-1/

fixed_packages

url	pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie
purl	pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-9620

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8hc8-whcd-x7ed

url VCID-at7n-u124-efd5

vulnerability_id VCID-at7n-u124-efd5

summary A vulnerability in file could result in Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1571.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1571.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-1571

reference_id

reference_type

scores

value	0.00431
scoring_system	epss
scoring_elements	0.62468
published_at	2026-04-01T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62527
published_at	2026-04-02T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62559
published_at	2026-04-04T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62525
published_at	2026-04-07T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62576
published_at	2026-04-08T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62591
published_at	2026-04-09T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62609
published_at	2026-04-11T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62598
published_at	2026-04-12T12:55:00Z

value	0.00431
scoring_system	epss
scoring_elements	0.62575
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-1571

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1571
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1571

reference_url

http://mx.gw.com/pipermail/file/2012/000914.html

reference_id

000914.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/

url

http://mx.gw.com/pipermail/file/2012/000914.html

reference_url

https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295

reference_id

1859fdb4e67c49c463c4e0078054335cd46ba295

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/

url

https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295

reference_url

https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b

reference_id

1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/

url

https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664263
reference_id	664263
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664263

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=805197
reference_id	805197
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=805197

reference_url

http://www.mandriva.com/security/advisories?name=MDVSA-2012:035

reference_id

advisories?name=MDVSA-2012:035

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/

url

http://www.mandriva.com/security/advisories?name=MDVSA-2012:035

reference_url

http://www.debian.org/security/2012/dsa-2422

reference_id

dsa-2422

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/

url

http://www.debian.org/security/2012/dsa-2422

reference_url	https://security.gentoo.org/glsa/201209-14
reference_id	GLSA-201209-14
reference_type
scores
url	https://security.gentoo.org/glsa/201209-14

reference_url	https://access.redhat.com/errata/RHSA-2014:1012
reference_id	RHSA-2014:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1012

reference_url	https://access.redhat.com/errata/RHSA-2014:1606
reference_id	RHSA-2014:1606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1606

reference_url	https://usn.ubuntu.com/2123-1/
reference_id	USN-2123-1
reference_type
scores
url	https://usn.ubuntu.com/2123-1/

reference_url

http://www.ubuntu.com/usn/USN-2123-1

reference_id

USN-2123-1

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/

url

http://www.ubuntu.com/usn/USN-2123-1

fixed_packages

url	pkg:deb/debian/file@5.11-1?distro=trixie
purl	pkg:deb/debian/file@5.11-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.11-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2012-1571

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-at7n-u124-efd5

url VCID-bf4p-nqd4-vkd6

vulnerability_id VCID-bf4p-nqd4-vkd6

summary Unknown vulnerability in the "Automatic File Content Type Recognition (AFCTR) Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2003-1092

reference_id

reference_type

scores

value	0.20795
scoring_system	epss
scoring_elements	0.9557
published_at	2026-04-01T12:55:00Z

value	0.20795
scoring_system	epss
scoring_elements	0.95579
published_at	2026-04-02T12:55:00Z

value	0.20795
scoring_system	epss
scoring_elements	0.95584
published_at	2026-04-04T12:55:00Z

value	0.20795
scoring_system	epss
scoring_elements	0.95586
published_at	2026-04-07T12:55:00Z

value	0.20795
scoring_system	epss
scoring_elements	0.95592
published_at	2026-04-08T12:55:00Z

value	0.20795
scoring_system	epss
scoring_elements	0.95595
published_at	2026-04-09T12:55:00Z

value	0.20795
scoring_system	epss
scoring_elements	0.956
published_at	2026-04-11T12:55:00Z

value	0.20795
scoring_system	epss
scoring_elements	0.95601
published_at	2026-04-12T12:55:00Z

value	0.20795
scoring_system	epss
scoring_elements	0.95603
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2003-1092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1092
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1092

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/22326.c
reference_id	CVE-2003-1092;OSVDB-14743
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/22326.c

reference_url	http://www.idefense.com/advisory/03.04.03.txt
reference_id	CVE-2003-1092;OSVDB-14743
reference_type	exploit
scores
url	http://www.idefense.com/advisory/03.04.03.txt

fixed_packages

url	pkg:deb/debian/file@3.4.1?distro=trixie
purl	pkg:deb/debian/file@3.4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@3.4.1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2003-1092

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bf4p-nqd4-vkd6

url VCID-br5w-skmp-6bbv

vulnerability_id VCID-br5w-skmp-6bbv

summary security update

references

reference_url	http://advisories.mageia.org/MGASA-2015-0040.html
reference_id
reference_type
scores
url	http://advisories.mageia.org/MGASA-2015-0040.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0760.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0760.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8116.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8116.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-8116

reference_id

reference_type

scores

value	0.15876
scoring_system	epss
scoring_elements	0.94751
published_at	2026-04-13T12:55:00Z

value	0.15876
scoring_system	epss
scoring_elements	0.94715
published_at	2026-04-01T12:55:00Z

value	0.15876
scoring_system	epss
scoring_elements	0.94723
published_at	2026-04-02T12:55:00Z

value	0.15876
scoring_system	epss
scoring_elements	0.94727
published_at	2026-04-04T12:55:00Z

value	0.15876
scoring_system	epss
scoring_elements	0.94728
published_at	2026-04-07T12:55:00Z

value	0.15876
scoring_system	epss
scoring_elements	0.94738
published_at	2026-04-08T12:55:00Z

value	0.15876
scoring_system	epss
scoring_elements	0.94742
published_at	2026-04-09T12:55:00Z

value	0.15876
scoring_system	epss
scoring_elements	0.94746
published_at	2026-04-11T12:55:00Z

value	0.15876
scoring_system	epss
scoring_elements	0.9475
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8116

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652

reference_url	http://seclists.org/oss-sec/2014/q4/1056
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2014/q4/1056

reference_url	http://secunia.com/advisories/61944
reference_id
reference_type
scores
url	http://secunia.com/advisories/61944

reference_url	http://secunia.com/advisories/62081
reference_id
reference_type
scores
url	http://secunia.com/advisories/62081

reference_url	https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog
reference_id
reference_type
scores
url	https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog

reference_url	https://github.com/file/file/commit/b4c01141e5367f247b84dcaf6aefbb4e741842b8
reference_id
reference_type
scores
url	https://github.com/file/file/commit/b4c01141e5367f247b84dcaf6aefbb4e741842b8

reference_url	https://github.com/file/file/commit/d7cdad007c507e6c79f51f058dd77fab70ceb9f6
reference_id
reference_type
scores
url	https://github.com/file/file/commit/d7cdad007c507e6c79f51f058dd77fab70ceb9f6

reference_url	https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
reference_id
reference_type
scores
url	https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.securityfocus.com/bid/71700
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/71700

reference_url	http://www.securitytracker.com/id/1031344
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1031344

reference_url	http://www.ubuntu.com/usn/USN-2494-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2494-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1171580
reference_id	1171580
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1171580

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148
reference_id	773148
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.20:::::::*
reference_id	cpe:2.3:a:file_project:file:5.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd::::::::
reference_id	cpe:2.3:o:freebsd:freebsd::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:::::::*
reference_id	cpe:2.3:o:mageia:mageia:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-8116

reference_id

CVE-2014-8116

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-8116

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

reference_url	https://access.redhat.com/errata/RHSA-2016:0760
reference_id	RHSA-2016:0760
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0760

reference_url	https://usn.ubuntu.com/2494-1/
reference_id	USN-2494-1
reference_type
scores
url	https://usn.ubuntu.com/2494-1/

fixed_packages

url	pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie
purl	pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-8116

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-br5w-skmp-6bbv

url VCID-c459-97cu-5ffc

vulnerability_id VCID-c459-97cu-5ffc

summary security update

references

reference_url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

reference_url	http://php.net/ChangeLog-5.php
reference_id
reference_type
scores
url	http://php.net/ChangeLog-5.php

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1326.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1326.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1327.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1327.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1765.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1765.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1766.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1766.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0760.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0760.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3587.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3587.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3587

reference_id

reference_type

scores

value	0.19121
scoring_system	epss
scoring_elements	0.95347
published_at	2026-04-13T12:55:00Z

value	0.19121
scoring_system	epss
scoring_elements	0.95345
published_at	2026-04-12T12:55:00Z

value	0.19121
scoring_system	epss
scoring_elements	0.95308
published_at	2026-04-01T12:55:00Z

value	0.19121
scoring_system	epss
scoring_elements	0.95318
published_at	2026-04-02T12:55:00Z

value	0.19121
scoring_system	epss
scoring_elements	0.95324
published_at	2026-04-04T12:55:00Z

value	0.19121
scoring_system	epss
scoring_elements	0.9533
published_at	2026-04-07T12:55:00Z

value	0.19121
scoring_system	epss
scoring_elements	0.95336
published_at	2026-04-08T12:55:00Z

value	0.19121
scoring_system	epss
scoring_elements	0.9534
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3587

reference_url	https://bugs.php.net/bug.php?id=67716
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=67716

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670

reference_url	http://secunia.com/advisories/60609
reference_id
reference_type
scores
url	http://secunia.com/advisories/60609

reference_url	http://secunia.com/advisories/60696
reference_id
reference_type
scores
url	http://secunia.com/advisories/60696

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/file/file/commit/0641e56be1af003aa02c7c6b0184466540637233
reference_id
reference_type
scores
url	https://github.com/file/file/commit/0641e56be1af003aa02c7c6b0184466540637233

reference_url	https://github.com/php/php-src/commit/7ba1409a1aee5925180de546057ddd84ff267947
reference_id
reference_type
scores
url	https://github.com/php/php-src/commit/7ba1409a1aee5925180de546057ddd84ff267947

reference_url	https://security-tracker.debian.org/tracker/CVE-2014-3587
reference_id
reference_type
scores
url	https://security-tracker.debian.org/tracker/CVE-2014-3587

reference_url	https://support.apple.com/HT204659
reference_id
reference_type
scores
url	https://support.apple.com/HT204659

reference_url	http://www.debian.org/security/2014/dsa-3008
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3008

reference_url	http://www.debian.org/security/2014/dsa-3021
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3021

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.securityfocus.com/bid/69325
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/69325

reference_url	http://www.ubuntu.com/usn/USN-2344-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2344-1

reference_url	http://www.ubuntu.com/usn/USN-2369-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2369-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1128587
reference_id	1128587
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1128587

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file::::::::
reference_id	cpe:2.3:a:christos_zoulas:file::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.00:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.01:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.02:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.03:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.05:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.06:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.07:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.08:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.09:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.18:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:::::::*
reference_id	cpe:2.3:a:php:php:5.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:beta2::::::
reference_id	cpe:2.3:a:php:php:5.4.0:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:beta2:32-bit:::::*
reference_id	cpe:2.3:a:php:php:5.4.0:beta2:32-bit:::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:beta2:32-bit:::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:rc2::::::
reference_id	cpe:2.3:a:php:php:5.4.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:::::::*
reference_id	cpe:2.3:a:php:php:5.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:::::::*
reference_id	cpe:2.3:a:php:php:5.4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:::::::*
reference_id	cpe:2.3:a:php:php:5.4.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:::::::*
reference_id	cpe:2.3:a:php:php:5.4.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc1::::::
reference_id	cpe:2.3:a:php:php:5.4.12:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc2::::::
reference_id	cpe:2.3:a:php:php:5.4.12:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:::::::*
reference_id	cpe:2.3:a:php:php:5.4.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:rc1::::::
reference_id	cpe:2.3:a:php:php:5.4.13:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:::::::*
reference_id	cpe:2.3:a:php:php:5.4.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:rc1::::::
reference_id	cpe:2.3:a:php:php:5.4.14:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:::::::*
reference_id	cpe:2.3:a:php:php:5.4.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:rc1::::::
reference_id	cpe:2.3:a:php:php:5.4.15:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.16:rc1::::::
reference_id	cpe:2.3:a:php:php:5.4.16:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.16:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.17:::::::*
reference_id	cpe:2.3:a:php:php:5.4.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.18:::::::*
reference_id	cpe:2.3:a:php:php:5.4.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.19:::::::*
reference_id	cpe:2.3:a:php:php:5.4.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:::::::*
reference_id	cpe:2.3:a:php:php:5.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.20:::::::*
reference_id	cpe:2.3:a:php:php:5.4.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.21:::::::*
reference_id	cpe:2.3:a:php:php:5.4.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.22:::::::*
reference_id	cpe:2.3:a:php:php:5.4.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.23:::::::*
reference_id	cpe:2.3:a:php:php:5.4.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.24:::::::*
reference_id	cpe:2.3:a:php:php:5.4.24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.24:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.25:::::::*
reference_id	cpe:2.3:a:php:php:5.4.25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.25:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.26:::::::*
reference_id	cpe:2.3:a:php:php:5.4.26:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.26:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.27:::::::*
reference_id	cpe:2.3:a:php:php:5.4.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.27:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.28:::::::*
reference_id	cpe:2.3:a:php:php:5.4.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.29:::::::*
reference_id	cpe:2.3:a:php:php:5.4.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:::::::*
reference_id	cpe:2.3:a:php:php:5.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.30:::::::*
reference_id	cpe:2.3:a:php:php:5.4.30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:::::::*
reference_id	cpe:2.3:a:php:php:5.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:::::::*
reference_id	cpe:2.3:a:php:php:5.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:::::::*
reference_id	cpe:2.3:a:php:php:5.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:::::::*
reference_id	cpe:2.3:a:php:php:5.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:::::::*
reference_id	cpe:2.3:a:php:php:5.4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:::::::*
reference_id	cpe:2.3:a:php:php:5.4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:::::::*
reference_id	cpe:2.3:a:php:php:5.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1::::::
reference_id	cpe:2.3:a:php:php:5.5.0:alpha1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1::::::

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2::::::
reference_id	cpe:2.3:a:php:php:5.5.0:alpha2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2::::::

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3::::::
reference_id	cpe:2.3:a:php:php:5.5.0:alpha3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3::::::

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4::::::
reference_id	cpe:2.3:a:php:php:5.5.0:alpha4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4::::::

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5::::::
reference_id	cpe:2.3:a:php:php:5.5.0:alpha5::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5::::::

104

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6::::::
reference_id	cpe:2.3:a:php:php:5.5.0:alpha6::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6::::::

105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1::::::
reference_id	cpe:2.3:a:php:php:5.5.0:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1::::::

106

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2::::::
reference_id	cpe:2.3:a:php:php:5.5.0:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2::::::

107

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3::::::
reference_id	cpe:2.3:a:php:php:5.5.0:beta3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3::::::

108

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4::::::
reference_id	cpe:2.3:a:php:php:5.5.0:beta4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4::::::

109

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1::::::
reference_id	cpe:2.3:a:php:php:5.5.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1::::::

110

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2::::::
reference_id	cpe:2.3:a:php:php:5.5.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2::::::

111

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:::::::*
reference_id	cpe:2.3:a:php:php:5.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:::::::*

112

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:::::::*
reference_id	cpe:2.3:a:php:php:5.5.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:::::::*

113

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:::::::*
reference_id	cpe:2.3:a:php:php:5.5.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:::::::*

114

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:::::::*
reference_id	cpe:2.3:a:php:php:5.5.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:::::::*

115

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:::::::*
reference_id	cpe:2.3:a:php:php:5.5.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:::::::*

116

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:::::::*
reference_id	cpe:2.3:a:php:php:5.5.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:::::::*

117

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:::::::*
reference_id	cpe:2.3:a:php:php:5.5.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:::::::*

118

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:::::::*
reference_id	cpe:2.3:a:php:php:5.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:::::::*

119

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:::::::*
reference_id	cpe:2.3:a:php:php:5.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:::::::*

120

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:::::::*
reference_id	cpe:2.3:a:php:php:5.5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:::::::*

121

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:::::::*
reference_id	cpe:2.3:a:php:php:5.5.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:::::::*

122

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:::::::*
reference_id	cpe:2.3:a:php:php:5.5.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:::::::*

123

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:::::::*
reference_id	cpe:2.3:a:php:php:5.5.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:::::::*

124

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:::::::*
reference_id	cpe:2.3:a:php:php:5.5.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:::::::*

125

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:::::::*
reference_id	cpe:2.3:a:php:php:5.5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:::::::*

126

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-3587

reference_id

CVE-2014-3587

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-3587

127

reference_url	https://access.redhat.com/errata/RHSA-2014:1326
reference_id	RHSA-2014:1326
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1326

128

reference_url	https://access.redhat.com/errata/RHSA-2014:1327
reference_id	RHSA-2014:1327
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1327

129

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

130

reference_url	https://access.redhat.com/errata/RHSA-2014:1766
reference_id	RHSA-2014:1766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1766

131

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

132

reference_url	https://access.redhat.com/errata/RHSA-2016:0760
reference_id	RHSA-2016:0760
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0760

133

reference_url	https://usn.ubuntu.com/2344-1/
reference_id	USN-2344-1
reference_type
scores
url	https://usn.ubuntu.com/2344-1/

134

reference_url	https://usn.ubuntu.com/2369-1/
reference_id	USN-2369-1
reference_type
scores
url	https://usn.ubuntu.com/2369-1/

fixed_packages

url	pkg:deb/debian/file@1:5.19-2?distro=trixie
purl	pkg:deb/debian/file@1:5.19-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-2%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-3587

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c459-97cu-5ffc

url VCID-dn25-adac-e3cr

vulnerability_id VCID-dn25-adac-e3cr

summary A vulnerability has been discovered in file, which could lead to a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48554.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48554.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-48554

reference_id

reference_type

scores

value	0.00023
scoring_system	epss
scoring_elements	0.06087
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06116
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06099
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06141
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06179
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0617
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06166
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06158
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-48554

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48554
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48554

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2235714
reference_id	2235714
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2235714

reference_url	https://security.gentoo.org/glsa/202409-06
reference_id	GLSA-202409-06
reference_type
scores
url	https://security.gentoo.org/glsa/202409-06

reference_url	https://access.redhat.com/errata/RHSA-2024:2512
reference_id	RHSA-2024:2512
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2512

reference_url	https://usn.ubuntu.com/6359-1/
reference_id	USN-6359-1
reference_type
scores
url	https://usn.ubuntu.com/6359-1/

fixed_packages

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-1?distro=trixie
purl	pkg:deb/debian/file@1:5.44-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2022-48554

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dn25-adac-e3cr

url VCID-dnwd-kqz6-p3ek

vulnerability_id VCID-dnwd-kqz6-p3ek

summary file: stack-based buffer over-read in do_core_note in readelf.c

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8905.json

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8905.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-8905

reference_id

reference_type

scores

value	0.00096
scoring_system	epss
scoring_elements	0.26608
published_at	2026-04-01T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26503
published_at	2026-04-13T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26551
published_at	2026-04-08T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.266
published_at	2026-04-09T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26606
published_at	2026-04-11T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.2656
published_at	2026-04-12T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26654
published_at	2026-04-02T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26697
published_at	2026-04-04T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26483
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-8905

reference_url	https://bugs.astron.com/view.php?id=63
reference_id
reference_type
scores
url	https://bugs.astron.com/view.php?id=63

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8905
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8905

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html

reference_url	http://www.securityfocus.com/bid/107137
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107137

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1679181
reference_id	1679181
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1679181

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922968
reference_id	922968
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922968

reference_url	https://security.archlinux.org/ASA-201903-5
reference_id	ASA-201903-5
reference_type
scores
url	https://security.archlinux.org/ASA-201903-5

reference_url

reference_id

AVG-907

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-8905

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:::::::*
reference_id	cpe:2.3:a:file_project:file:5.35:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url

reference_id

CVE-2019-8905

reference_type

scores

value	3.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:N/A:P

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2019-8905

reference_url	https://usn.ubuntu.com/3911-1/
reference_id	USN-3911-1
reference_type
scores
url	https://usn.ubuntu.com/3911-1/

fixed_packages

url	pkg:deb/debian/file@1:5.35-3?distro=trixie
purl	pkg:deb/debian/file@1:5.35-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.35-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2019-8905

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dnwd-kqz6-p3ek

url VCID-efgf-z631-6fc3

vulnerability_id VCID-efgf-z631-6fc3

summary file: multiple memory corruption issues

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0948.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0948.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-0948

reference_id

reference_type

scores

value	0.00416
scoring_system	epss
scoring_elements	0.61561
published_at	2026-04-01T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61635
published_at	2026-04-07T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61665
published_at	2026-04-04T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61683
published_at	2026-04-08T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61699
published_at	2026-04-09T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61721
published_at	2026-04-11T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61709
published_at	2026-04-12T12:55:00Z

value	0.00416
scoring_system	epss
scoring_elements	0.61689
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-0948

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0948

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=498682
reference_id	498682
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=498682

fixed_packages

url	pkg:deb/debian/file@5.02-1?distro=trixie
purl	pkg:deb/debian/file@5.02-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.02-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2009-0948

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-efgf-z631-6fc3

url VCID-eft3-z1ht-q3dm

vulnerability_id VCID-eft3-z1ht-q3dm

summary

A vulnerability has been discovered in file allowing for a denial of
    service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2026.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2026.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-2026

reference_id

reference_type

scores

value	0.02975
scoring_system	epss
scoring_elements	0.86512
published_at	2026-04-13T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86448
published_at	2026-04-01T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86459
published_at	2026-04-02T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86477
published_at	2026-04-07T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86496
published_at	2026-04-08T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86506
published_at	2026-04-09T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86521
published_at	2026-04-11T12:55:00Z

value	0.02975
scoring_system	epss
scoring_elements	0.86518
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-2026

reference_url	https://bugs.gentoo.org/show_bug.cgi?id=174217
reference_id
reference_type
scores
url	https://bugs.gentoo.org/show_bug.cgi?id=174217

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2026
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2026

reference_url	http://secunia.com/advisories/24918
reference_id
reference_type
scores
url	http://secunia.com/advisories/24918

reference_url	http://secunia.com/advisories/25394
reference_id
reference_type
scores
url	http://secunia.com/advisories/25394

reference_url	http://secunia.com/advisories/25544
reference_id
reference_type
scores
url	http://secunia.com/advisories/25544

reference_url	http://secunia.com/advisories/25578
reference_id
reference_type
scores
url	http://secunia.com/advisories/25578

reference_url	https://issues.rpath.com/browse/RPL-1311
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1311

reference_url	http://sourceforge.net/mailarchive/forum.php?thread_name=755AF709E5B77E6EA58479D5%40foxx.lsit.ucsb.edu&forum_name=amavis-user
reference_id
reference_type
scores
url	http://sourceforge.net/mailarchive/forum.php?thread_name=755AF709E5B77E6EA58479D5%40foxx.lsit.ucsb.edu&forum_name=amavis-user

reference_url	http://www.amavis.org/security/asa-2007-3.txt
reference_id
reference_type
scores
url	http://www.amavis.org/security/asa-2007-3.txt

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200704-13.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200704-13.xml

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:114
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:114

reference_url	http://www.securityfocus.com/archive/1/469520/30/6420/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/469520/30/6420/threaded

reference_url	http://www.securityfocus.com/bid/24146
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/24146

reference_url	http://www.vupen.com/english/advisories/2007/2071
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/2071

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:amavis:virus_scanner::::::::
reference_id	cpe:2.3:a:amavis:virus_scanner::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:amavis:virus_scanner::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gentoo:file:4.20:::::::*
reference_id	cpe:2.3:a:gentoo:file:4.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gentoo:file:4.20:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-2026

reference_id

CVE-2007-2026

reference_type

scores

value	7.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2007-2026

reference_url	https://security.gentoo.org/glsa/200704-13
reference_id	GLSA-200704-13
reference_type
scores
url	https://security.gentoo.org/glsa/200704-13

reference_url	https://security.gentoo.org/glsa/201412-11
reference_id	GLSA-201412-11
reference_type
scores
url	https://security.gentoo.org/glsa/201412-11

fixed_packages

url	pkg:deb/debian/file@4.20-6?distro=trixie
purl	pkg:deb/debian/file@4.20-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@4.20-6%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2007-2026

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eft3-z1ht-q3dm

url VCID-ev7d-6s86-sfds

vulnerability_id VCID-ev7d-6s86-sfds

summary

An integer underflow vulnerability has been reported in The Sleuth Kit
    allowing for the user-assisted execution of arbitrary code.

references

reference_url	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc
reference_id
reference_type
scores
url	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc

reference_url	http://docs.info.apple.com/article.html?artnum=305530
reference_id
reference_type
scores
url	http://docs.info.apple.com/article.html?artnum=305530

reference_url	http://lists.apple.com/archives/security-announce/2007/May/msg00004.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2007/May/msg00004.html

reference_url	http://mx.gw.com/pipermail/file/2007/000161.html
reference_id
reference_type
scores
url	http://mx.gw.com/pipermail/file/2007/000161.html

reference_url	http://openbsd.org/errata40.html#015_file
reference_id
reference_type
scores
url	http://openbsd.org/errata40.html#015_file

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1536.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1536.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-1536

reference_id

reference_type

scores

value	0.41927
scoring_system	epss
scoring_elements	0.97428
published_at	2026-04-13T12:55:00Z

value	0.41927
scoring_system	epss
scoring_elements	0.97402
published_at	2026-04-01T12:55:00Z

value	0.41927
scoring_system	epss
scoring_elements	0.97409
published_at	2026-04-02T12:55:00Z

value	0.41927
scoring_system	epss
scoring_elements	0.97413
published_at	2026-04-04T12:55:00Z

value	0.41927
scoring_system	epss
scoring_elements	0.97415
published_at	2026-04-07T12:55:00Z

value	0.41927
scoring_system	epss
scoring_elements	0.97422
published_at	2026-04-08T12:55:00Z

value	0.41927
scoring_system	epss
scoring_elements	0.97424
published_at	2026-04-09T12:55:00Z

value	0.41927
scoring_system	epss
scoring_elements	0.97426
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-1536

reference_url	https://bugs.gentoo.org/show_bug.cgi?id=171452
reference_id
reference_type
scores
url	https://bugs.gentoo.org/show_bug.cgi?id=171452

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536

reference_url	http://secunia.com/advisories/24548
reference_id
reference_type
scores
url	http://secunia.com/advisories/24548

reference_url	http://secunia.com/advisories/24592
reference_id
reference_type
scores
url	http://secunia.com/advisories/24592

reference_url	http://secunia.com/advisories/24604
reference_id
reference_type
scores
url	http://secunia.com/advisories/24604

reference_url	http://secunia.com/advisories/24608
reference_id
reference_type
scores
url	http://secunia.com/advisories/24608

reference_url	http://secunia.com/advisories/24616
reference_id
reference_type
scores
url	http://secunia.com/advisories/24616

reference_url	http://secunia.com/advisories/24617
reference_id
reference_type
scores
url	http://secunia.com/advisories/24617

reference_url	http://secunia.com/advisories/24723
reference_id
reference_type
scores
url	http://secunia.com/advisories/24723

reference_url	http://secunia.com/advisories/24754
reference_id
reference_type
scores
url	http://secunia.com/advisories/24754

reference_url	http://secunia.com/advisories/25133
reference_id
reference_type
scores
url	http://secunia.com/advisories/25133

reference_url	http://secunia.com/advisories/25393
reference_id
reference_type
scores
url	http://secunia.com/advisories/25393

reference_url	http://secunia.com/advisories/25402
reference_id
reference_type
scores
url	http://secunia.com/advisories/25402

reference_url	http://secunia.com/advisories/25931
reference_id
reference_type
scores
url	http://secunia.com/advisories/25931

reference_url	http://secunia.com/advisories/25989
reference_id
reference_type
scores
url	http://secunia.com/advisories/25989

reference_url	http://secunia.com/advisories/27307
reference_id
reference_type
scores
url	http://secunia.com/advisories/27307

reference_url	http://secunia.com/advisories/27314
reference_id
reference_type
scores
url	http://secunia.com/advisories/27314

reference_url	http://secunia.com/advisories/29179
reference_id
reference_type
scores
url	http://secunia.com/advisories/29179

reference_url	http://security.freebsd.org/advisories/FreeBSD-SA-07:04.file.asc
reference_id
reference_type
scores
url	http://security.freebsd.org/advisories/FreeBSD-SA-07:04.file.asc

reference_url	http://security.gentoo.org/glsa/glsa-200703-26.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200703-26.xml

reference_url	http://security.gentoo.org/glsa/glsa-200710-19.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200710-19.xml

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/36283
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/36283

reference_url	https://issues.rpath.com/browse/RPL-1148
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1148

reference_url	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.512926
reference_id
reference_type
scores
url	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.512926

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10658
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10658

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2007-179.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2007-179.htm

reference_url	http://www.debian.org/security/2007/dsa-1274
reference_id
reference_type
scores
url	http://www.debian.org/security/2007/dsa-1274

reference_url	http://www.kb.cert.org/vuls/id/606700
reference_id
reference_type
scores
url	http://www.kb.cert.org/vuls/id/606700

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:067
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:067

reference_url	http://www.novell.com/linux/security/advisories/2007_40_file.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2007_40_file.html

reference_url	http://www.novell.com/linux/security/advisories/2007_5_sr.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2007_5_sr.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0124.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0124.html

reference_url	http://www.securityfocus.com/archive/1/477861/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/477861/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/477950/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/477950/100/0/threaded

reference_url	http://www.securityfocus.com/bid/23021
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/23021

reference_url	http://www.securitytracker.com/id?1017796
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1017796

reference_url	http://www.ubuntu.com/usn/usn-439-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-439-1

reference_url	http://www.vupen.com/english/advisories/2007/1040
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/1040

reference_url	http://www.vupen.com/english/advisories/2007/1939
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/1939

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=233164
reference_id	233164
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=233164

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=415362
reference_id	415362
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=415362

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file::::::::
reference_id	cpe:2.3:a:file:file::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-1536

reference_id

CVE-2007-1536

reference_type

scores

value	9.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2007-1536

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29753.c
reference_id	CVE-2007-1536;OSVDB-34285
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29753.c

reference_url	https://www.securityfocus.com/bid/23021/info
reference_id	CVE-2007-1536;OSVDB-34285
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/23021/info

reference_url	https://security.gentoo.org/glsa/200703-26
reference_id	GLSA-200703-26
reference_type
scores
url	https://security.gentoo.org/glsa/200703-26

reference_url	https://security.gentoo.org/glsa/200710-19
reference_id	GLSA-200710-19
reference_type
scores
url	https://security.gentoo.org/glsa/200710-19

reference_url	https://security.gentoo.org/glsa/201412-11
reference_id	GLSA-201412-11
reference_type
scores
url	https://security.gentoo.org/glsa/201412-11

reference_url	https://access.redhat.com/errata/RHSA-2007:0124
reference_id	RHSA-2007:0124
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0124

reference_url	https://usn.ubuntu.com/439-1/
reference_id	USN-439-1
reference_type
scores
url	https://usn.ubuntu.com/439-1/

fixed_packages

url	pkg:deb/debian/file@4.20-1?distro=trixie
purl	pkg:deb/debian/file@4.20-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@4.20-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2007-1536

risk_score 10.0

exploitability 2.0

weighted_severity 8.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ev7d-6s86-sfds

url VCID-fapv-3bja-r3hm

vulnerability_id VCID-fapv-3bja-r3hm

summary security update

references

reference_url

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

reference_url

http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0207

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0207.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0207.json

reference_url

reference_id

reference_type

scores

value	0.0686
scoring_system	epss
scoring_elements	0.91317
published_at	2026-04-01T12:55:00Z

value	0.0686
scoring_system	epss
scoring_elements	0.91322
published_at	2026-04-02T12:55:00Z

value	0.11933
scoring_system	epss
scoring_elements	0.93753
published_at	2026-04-13T12:55:00Z

value	0.11933
scoring_system	epss
scoring_elements	0.93733
published_at	2026-04-04T12:55:00Z

value	0.11933
scoring_system	epss
scoring_elements	0.93736
published_at	2026-04-07T12:55:00Z

value	0.11933
scoring_system	epss
scoring_elements	0.93745
published_at	2026-04-08T12:55:00Z

value	0.11933
scoring_system	epss
scoring_elements	0.93747
published_at	2026-04-09T12:55:00Z

value	0.11933
scoring_system	epss
scoring_elements	0.93752
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0207

reference_url

https://bugs.php.net/bug.php?id=67326

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

https://bugs.php.net/bug.php?id=67326

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

reference_url

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

http://www.securityfocus.com/bid/68243

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

http://www.securityfocus.com/bid/68243

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1091842

reference_id

1091842

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1091842

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file::::::::
reference_id	cpe:2.3:a:christos_zoulas:file::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::
reference_id	cpe:2.3:o:oracle:linux:7:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-0207

reference_id

CVE-2014-0207

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2014-0207

reference_url	https://access.redhat.com/errata/RHSA-2014:1013
reference_id	RHSA-2014:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1013

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

reference_url	https://access.redhat.com/errata/RHSA-2014:1766
reference_id	RHSA-2014:1766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1766

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

reference_url	https://usn.ubuntu.com/2276-1/
reference_id	USN-2276-1
reference_type
scores
url	https://usn.ubuntu.com/2276-1/

reference_url	https://usn.ubuntu.com/2278-1/
reference_id	USN-2278-1
reference_type
scores
url	https://usn.ubuntu.com/2278-1/

fixed_packages

url	pkg:deb/debian/file@1:5.19-1?distro=trixie
purl	pkg:deb/debian/file@1:5.19-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-0207

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fapv-3bja-r3hm

url VCID-fhc5-qj7s-vbeb

vulnerability_id VCID-fhc5-qj7s-vbeb

summary php: denial of service when processing a crafted file with Fileinfo

references

reference_url	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd
reference_id
reference_type
scores
url	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd

reference_url	http://php.net/ChangeLog-5.php
reference_id
reference_type
scores
url	http://php.net/ChangeLog-5.php

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1135.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1135.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1186.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1186.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1187.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1187.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4604.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4604.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4604

reference_id

reference_type

scores

value	0.09106
scoring_system	epss
scoring_elements	0.92664
published_at	2026-04-13T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.92665
published_at	2026-04-12T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.92632
published_at	2026-04-01T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.92638
published_at	2026-04-02T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.92644
published_at	2026-04-04T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.92645
published_at	2026-04-07T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.92655
published_at	2026-04-08T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.9266
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4604

reference_url	https://bugs.php.net/bug.php?id=68819
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=68819

reference_url	http://www.openwall.com/lists/oss-security/2015/06/16/12
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2015/06/16/12

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/75241
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/75241

reference_url	http://www.securitytracker.com/id/1032709
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1032709

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1213442
reference_id	1213442
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1213442

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:::::::*
reference_id	cpe:2.3:a:php:php:5.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:::::::*
reference_id	cpe:2.3:a:php:php:5.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:::::::*
reference_id	cpe:2.3:a:php:php:5.5.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:::::::*
reference_id	cpe:2.3:a:php:php:5.5.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:::::::*
reference_id	cpe:2.3:a:php:php:5.5.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:::::::*
reference_id	cpe:2.3:a:php:php:5.5.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:::::::*
reference_id	cpe:2.3:a:php:php:5.5.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:::::::*
reference_id	cpe:2.3:a:php:php:5.5.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.16:::::::*
reference_id	cpe:2.3:a:php:php:5.5.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.17:::::::*
reference_id	cpe:2.3:a:php:php:5.5.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.18:::::::*
reference_id	cpe:2.3:a:php:php:5.5.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.19:::::::*
reference_id	cpe:2.3:a:php:php:5.5.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:::::::*
reference_id	cpe:2.3:a:php:php:5.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.20:::::::*
reference_id	cpe:2.3:a:php:php:5.5.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.21:::::::*
reference_id	cpe:2.3:a:php:php:5.5.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.22:::::::*
reference_id	cpe:2.3:a:php:php:5.5.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.23:::::::*
reference_id	cpe:2.3:a:php:php:5.5.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:::::::*
reference_id	cpe:2.3:a:php:php:5.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:::::::*
reference_id	cpe:2.3:a:php:php:5.5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:::::::*
reference_id	cpe:2.3:a:php:php:5.5.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:::::::*
reference_id	cpe:2.3:a:php:php:5.5.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:::::::*
reference_id	cpe:2.3:a:php:php:5.5.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:::::::*
reference_id	cpe:2.3:a:php:php:5.5.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:::::::*
reference_id	cpe:2.3:a:php:php:5.5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:::::::*
reference_id	cpe:2.3:a:php:php:5.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:::::::*
reference_id	cpe:2.3:a:php:php:5.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:::::::*
reference_id	cpe:2.3:a:php:php:5.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:::::::*
reference_id	cpe:2.3:a:php:php:5.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:::::::*
reference_id	cpe:2.3:a:php:php:5.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:::::::*
reference_id	cpe:2.3:a:php:php:5.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:::::::*
reference_id	cpe:2.3:a:php:php:5.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:::::::*
reference_id	cpe:2.3:a:php:php:5.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-4604

reference_id

CVE-2015-4604

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-4604

reference_url	https://access.redhat.com/errata/RHSA-2015:1066
reference_id	RHSA-2015:1066
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1066

reference_url	https://access.redhat.com/errata/RHSA-2015:1135
reference_id	RHSA-2015:1135
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1135

reference_url	https://access.redhat.com/errata/RHSA-2015:1186
reference_id	RHSA-2015:1186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1186

reference_url	https://access.redhat.com/errata/RHSA-2015:1187
reference_id	RHSA-2015:1187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1187

reference_url	https://usn.ubuntu.com/2658-1/
reference_id	USN-2658-1
reference_type
scores
url	https://usn.ubuntu.com/2658-1/

fixed_packages

url	pkg:deb/debian/file@0?distro=trixie
purl	pkg:deb/debian/file@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@0%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2015-4604

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fhc5-qj7s-vbeb

url VCID-fupq-ukq7-r7ac

vulnerability_id VCID-fupq-ukq7-r7ac

summary

A heap-based buffer overflow in file might allow remote attackers
    to execute arbitrary code.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00044.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00044.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18218.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18218.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-18218

reference_id

reference_type

scores

value	0.00174
scoring_system	epss
scoring_elements	0.38676
published_at	2026-04-01T12:55:00Z

value	0.00174
scoring_system	epss
scoring_elements	0.38771
published_at	2026-04-13T12:55:00Z

value	0.00174
scoring_system	epss
scoring_elements	0.38812
published_at	2026-04-08T12:55:00Z

value	0.00174
scoring_system	epss
scoring_elements	0.38823
published_at	2026-04-09T12:55:00Z

value	0.00174
scoring_system	epss
scoring_elements	0.38835
published_at	2026-04-11T12:55:00Z

value	0.00174
scoring_system	epss
scoring_elements	0.38798
published_at	2026-04-12T12:55:00Z

value	0.00174
scoring_system	epss
scoring_elements	0.38814
published_at	2026-04-02T12:55:00Z

value	0.00174
scoring_system	epss
scoring_elements	0.38834
published_at	2026-04-04T12:55:00Z

value	0.00174
scoring_system	epss
scoring_elements	0.38762
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-18218

reference_url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16780
reference_id
reference_type
scores
url	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16780

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18218
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18218

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84
reference_id
reference_type
scores
url	https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84

reference_url	https://lists.debian.org/debian-lts-announce/2019/10/msg00032.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/10/msg00032.html

reference_url	https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV6PFCEYHYALMTT45QE2U5C5TEJZQPXJ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV6PFCEYHYALMTT45QE2U5C5TEJZQPXJ/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D6BJVGXSCC6NMIAWX36FPWHEIFON3OSE/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D6BJVGXSCC6NMIAWX36FPWHEIFON3OSE/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VBK6XOJR6OVWT2FUEBO7V7KCOSSLAP52/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VBK6XOJR6OVWT2FUEBO7V7KCOSSLAP52/

reference_url	https://security.netapp.com/advisory/ntap-20200115-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20200115-0001/

reference_url	https://www.debian.org/security/2019/dsa-4550
reference_id
reference_type
scores
url	https://www.debian.org/security/2019/dsa-4550

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1765272
reference_id	1765272
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1765272

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942830
reference_id	942830
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942830

reference_url	https://security.archlinux.org/ASA-202001-2
reference_id	ASA-202001-2
reference_type
scores
url	https://security.archlinux.org/ASA-202001-2

reference_url

https://security.archlinux.org/AVG-1083

reference_id

AVG-1083

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1083

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file::::::::
reference_id	cpe:2.3:a:file_project:file::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*
reference_id	cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-18218

reference_id

CVE-2019-18218

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-18218

reference_url	https://security.gentoo.org/glsa/202003-24
reference_id	GLSA-202003-24
reference_type
scores
url	https://security.gentoo.org/glsa/202003-24

reference_url	https://access.redhat.com/errata/RHSA-2021:4374
reference_id	RHSA-2021:4374
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4374

reference_url	https://usn.ubuntu.com/4172-1/
reference_id	USN-4172-1
reference_type
scores
url	https://usn.ubuntu.com/4172-1/

reference_url	https://usn.ubuntu.com/4172-2/
reference_id	USN-4172-2
reference_type
scores
url	https://usn.ubuntu.com/4172-2/

fixed_packages

url	pkg:deb/debian/file@1:5.37-6?distro=trixie
purl	pkg:deb/debian/file@1:5.37-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.37-6%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2019-18218

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fupq-ukq7-r7ac

url VCID-h7b6-23hp-8ycj

vulnerability_id VCID-h7b6-23hp-8ycj

summary

Multiple vulnerabilities have been discovered in PHP, the worst of
    which could lead to remote execution of arbitrary code.

references

reference_url	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1803228597e82218a8c105e67975bc50e6f5bf0d
reference_id
reference_type
scores
url	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1803228597e82218a8c105e67975bc50e6f5bf0d

reference_url	http://linux.oracle.com/errata/ELSA-2014-1767.html
reference_id
reference_type
scores
url	http://linux.oracle.com/errata/ELSA-2014-1767.html

reference_url	http://linux.oracle.com/errata/ELSA-2014-1768.html
reference_id
reference_type
scores
url	http://linux.oracle.com/errata/ELSA-2014-1768.html

reference_url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-updates/2014-11/msg00113.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-11/msg00113.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1765.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1765.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1766.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1766.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1767.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1767.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1768.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1768.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0760.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0760.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3710.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3710.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3710

reference_id

reference_type

scores

value	0.0739
scoring_system	epss
scoring_elements	0.91732
published_at	2026-04-13T12:55:00Z

value	0.0739
scoring_system	epss
scoring_elements	0.9169
published_at	2026-04-01T12:55:00Z

value	0.0739
scoring_system	epss
scoring_elements	0.91699
published_at	2026-04-02T12:55:00Z

value	0.0739
scoring_system	epss
scoring_elements	0.91704
published_at	2026-04-04T12:55:00Z

value	0.0739
scoring_system	epss
scoring_elements	0.91712
published_at	2026-04-07T12:55:00Z

value	0.0739
scoring_system	epss
scoring_elements	0.91725
published_at	2026-04-08T12:55:00Z

value	0.0739
scoring_system	epss
scoring_elements	0.91731
published_at	2026-04-09T12:55:00Z

value	0.0739
scoring_system	epss
scoring_elements	0.91735
published_at	2026-04-11T12:55:00Z

value	0.0739
scoring_system	epss
scoring_elements	0.91736
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3710

reference_url	https://bugs.php.net/bug.php?id=68283
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=68283

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710

reference_url	http://secunia.com/advisories/60630
reference_id
reference_type
scores
url	http://secunia.com/advisories/60630

reference_url	http://secunia.com/advisories/60699
reference_id
reference_type
scores
url	http://secunia.com/advisories/60699

reference_url	http://secunia.com/advisories/61763
reference_id
reference_type
scores
url	http://secunia.com/advisories/61763

reference_url	http://secunia.com/advisories/61970
reference_id
reference_type
scores
url	http://secunia.com/advisories/61970

reference_url	http://secunia.com/advisories/61982
reference_id
reference_type
scores
url	http://secunia.com/advisories/61982

reference_url	http://secunia.com/advisories/62347
reference_id
reference_type
scores
url	http://secunia.com/advisories/62347

reference_url	http://secunia.com/advisories/62559
reference_id
reference_type
scores
url	http://secunia.com/advisories/62559

reference_url	https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0
reference_id
reference_type
scores
url	https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0

reference_url	https://support.apple.com/HT204659
reference_id
reference_type
scores
url	https://support.apple.com/HT204659

reference_url	https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
reference_id
reference_type
scores
url	https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc

reference_url	http://www.debian.org/security/2014/dsa-3072
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3072

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.securityfocus.com/bid/70807
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/70807

reference_url	http://www.securitytracker.com/id/1031344
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1031344

reference_url	http://www.ubuntu.com/usn/USN-2391-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2391-1

reference_url	http://www.ubuntu.com/usn/USN-2494-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2494-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1155071
reference_id	1155071
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1155071

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768806
reference_id	768806
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768806

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-3710

reference_id

CVE-2014-3710

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-3710

reference_url	https://security.gentoo.org/glsa/201503-03
reference_id	GLSA-201503-03
reference_type
scores
url	https://security.gentoo.org/glsa/201503-03

reference_url	https://security.gentoo.org/glsa/201701-42
reference_id	GLSA-201701-42
reference_type
scores
url	https://security.gentoo.org/glsa/201701-42

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

reference_url	https://access.redhat.com/errata/RHSA-2014:1766
reference_id	RHSA-2014:1766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1766

reference_url	https://access.redhat.com/errata/RHSA-2014:1767
reference_id	RHSA-2014:1767
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1767

reference_url	https://access.redhat.com/errata/RHSA-2014:1768
reference_id	RHSA-2014:1768
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1768

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

reference_url	https://access.redhat.com/errata/RHSA-2016:0760
reference_id	RHSA-2016:0760
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0760

reference_url	https://usn.ubuntu.com/2391-1/
reference_id	USN-2391-1
reference_type
scores
url	https://usn.ubuntu.com/2391-1/

reference_url	https://usn.ubuntu.com/2494-1/
reference_id	USN-2494-1
reference_type
scores
url	https://usn.ubuntu.com/2494-1/

fixed_packages

url	pkg:deb/debian/file@1:5.20-2?distro=trixie
purl	pkg:deb/debian/file@1:5.20-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.20-2%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-3710

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h7b6-23hp-8ycj

url VCID-j2z8-tcs6-4be1

vulnerability_id VCID-j2z8-tcs6-4be1

summary A vulnerability in file could result in Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7345.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7345.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-7345

reference_id

reference_type

scores

value	0.03176
scoring_system	epss
scoring_elements	0.86903
published_at	2026-04-01T12:55:00Z

value	0.03176
scoring_system	epss
scoring_elements	0.86914
published_at	2026-04-02T12:55:00Z

value	0.03176
scoring_system	epss
scoring_elements	0.86933
published_at	2026-04-04T12:55:00Z

value	0.03176
scoring_system	epss
scoring_elements	0.86926
published_at	2026-04-07T12:55:00Z

value	0.03176
scoring_system	epss
scoring_elements	0.86946
published_at	2026-04-08T12:55:00Z

value	0.03176
scoring_system	epss
scoring_elements	0.86954
published_at	2026-04-09T12:55:00Z

value	0.03176
scoring_system	epss
scoring_elements	0.86967
published_at	2026-04-11T12:55:00Z

value	0.03176
scoring_system	epss
scoring_elements	0.86962
published_at	2026-04-12T12:55:00Z

value	0.03176
scoring_system	epss
scoring_elements	0.86957
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-7345

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1079846
reference_id	1079846
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1079846

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703993
reference_id	703993
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703993

reference_url	https://security.gentoo.org/glsa/201408-08
reference_id	GLSA-201408-08
reference_type
scores
url	https://security.gentoo.org/glsa/201408-08

reference_url	https://security.gentoo.org/glsa/201408-11
reference_id	GLSA-201408-11
reference_type
scores
url	https://security.gentoo.org/glsa/201408-11

reference_url	https://access.redhat.com/errata/RHSA-2014:1013
reference_id	RHSA-2014:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1013

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

reference_url	https://usn.ubuntu.com/2278-1/
reference_id	USN-2278-1
reference_type
scores
url	https://usn.ubuntu.com/2278-1/

fixed_packages

url	pkg:deb/debian/file@1:5.17-0.1?distro=trixie
purl	pkg:deb/debian/file@1:5.17-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.17-0.1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2013-7345

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j2z8-tcs6-4be1

url VCID-kj2f-8vd4-quep

vulnerability_id VCID-kj2f-8vd4-quep

summary security update

references

reference_url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

reference_url	http://mx.gw.com/pipermail/file/2014/001553.html
reference_id
reference_type
scores
url	http://mx.gw.com/pipermail/file/2014/001553.html

reference_url	http://openwall.com/lists/oss-security/2014/06/30/7
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2014/06/30/7

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1327.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1327.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1765.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1765.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1766.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1766.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0760.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0760.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3538.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3538.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3538

reference_id

reference_type

scores

value	0.21003
scoring_system	epss
scoring_elements	0.9564
published_at	2026-04-13T12:55:00Z

value	0.21003
scoring_system	epss
scoring_elements	0.95604
published_at	2026-04-01T12:55:00Z

value	0.21003
scoring_system	epss
scoring_elements	0.95613
published_at	2026-04-02T12:55:00Z

value	0.21003
scoring_system	epss
scoring_elements	0.95618
published_at	2026-04-04T12:55:00Z

value	0.21003
scoring_system	epss
scoring_elements	0.95621
published_at	2026-04-07T12:55:00Z

value	0.21003
scoring_system	epss
scoring_elements	0.9563
published_at	2026-04-08T12:55:00Z

value	0.21003
scoring_system	epss
scoring_elements	0.95633
published_at	2026-04-09T12:55:00Z

value	0.21003
scoring_system	epss
scoring_elements	0.95638
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670

reference_url	http://secunia.com/advisories/60696
reference_id
reference_type
scores
url	http://secunia.com/advisories/60696

reference_url	https://github.com/file/file/commit/4a284c89d6ef11aca34da65da7d673050a5ea320
reference_id
reference_type
scores
url	https://github.com/file/file/commit/4a284c89d6ef11aca34da65da7d673050a5ea320

reference_url	https://github.com/file/file/commit/69a5a43b3b71f53b0577f41264a073f495799610
reference_id
reference_type
scores
url	https://github.com/file/file/commit/69a5a43b3b71f53b0577f41264a073f495799610

reference_url	https://github.com/file/file/commit/71a8b6c0d758acb0f73e2e51421a711b5e9d6668
reference_id
reference_type
scores
url	https://github.com/file/file/commit/71a8b6c0d758acb0f73e2e51421a711b5e9d6668

reference_url	https://github.com/file/file/commit/74cafd7de9ec99a14f4480927580e501c8f852c3
reference_id
reference_type
scores
url	https://github.com/file/file/commit/74cafd7de9ec99a14f4480927580e501c8f852c3

reference_url	https://github.com/file/file/commit/758e066df72fb1ac08d2eea91ddc3973d259e991
reference_id
reference_type
scores
url	https://github.com/file/file/commit/758e066df72fb1ac08d2eea91ddc3973d259e991

reference_url	https://support.apple.com/HT204659
reference_id
reference_type
scores
url	https://support.apple.com/HT204659

reference_url	http://www.debian.org/security/2014/dsa-3008
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3008

reference_url	http://www.debian.org/security/2014/dsa-3021
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3021

reference_url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.securityfocus.com/bid/68348
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/68348

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1098222
reference_id	1098222
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1098222

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file::::::::
reference_id	cpe:2.3:a:christos_zoulas:file::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.00:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.01:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.02:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.03:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.05:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.06:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.07:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.08:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.09:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-3538

reference_id

CVE-2014-3538

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-3538

reference_url	https://access.redhat.com/errata/RHSA-2014:1327
reference_id	RHSA-2014:1327
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1327

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

reference_url	https://access.redhat.com/errata/RHSA-2014:1766
reference_id	RHSA-2014:1766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1766

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

reference_url	https://access.redhat.com/errata/RHSA-2016:0760
reference_id	RHSA-2016:0760
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0760

reference_url	https://usn.ubuntu.com/2278-1/
reference_id	USN-2278-1
reference_type
scores
url	https://usn.ubuntu.com/2278-1/

fixed_packages

url	pkg:deb/debian/file@1:5.19-1?distro=trixie
purl	pkg:deb/debian/file@1:5.19-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-3538

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kj2f-8vd4-quep

url VCID-kn4s-hv81-q7da

vulnerability_id VCID-kn4s-hv81-q7da

summary Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple Mac OS X 10.6.x before 10.6.2 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Common Document Format (CDF) file. NOTE: this might overlap CVE-2009-1515.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2830

reference_id

reference_type

scores

value	0.01614
scoring_system	epss
scoring_elements	0.81712
published_at	2026-04-01T12:55:00Z

value	0.01614
scoring_system	epss
scoring_elements	0.81723
published_at	2026-04-02T12:55:00Z

value	0.01614
scoring_system	epss
scoring_elements	0.81746
published_at	2026-04-04T12:55:00Z

value	0.01614
scoring_system	epss
scoring_elements	0.81743
published_at	2026-04-07T12:55:00Z

value	0.01614
scoring_system	epss
scoring_elements	0.8177
published_at	2026-04-08T12:55:00Z

value	0.01614
scoring_system	epss
scoring_elements	0.81775
published_at	2026-04-09T12:55:00Z

value	0.01614
scoring_system	epss
scoring_elements	0.81795
published_at	2026-04-11T12:55:00Z

value	0.01614
scoring_system	epss
scoring_elements	0.81782
published_at	2026-04-12T12:55:00Z

value	0.01614
scoring_system	epss
scoring_elements	0.81777
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2830

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2830
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2830

fixed_packages

url	pkg:deb/debian/file@5.03-1?distro=trixie
purl	pkg:deb/debian/file@5.03-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.03-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2009-2830

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kn4s-hv81-q7da

url VCID-mjct-kvsk-zkgj

vulnerability_id VCID-mjct-kvsk-zkgj

summary

Multiple vulnerabilities have been discovered in PHP, the worst of
    which could lead to remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4636.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4636.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-4636

reference_id

reference_type

scores

value	0.00326
scoring_system	epss
scoring_elements	0.55576
published_at	2026-04-13T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55437
published_at	2026-04-01T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55548
published_at	2026-04-02T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55573
published_at	2026-04-04T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55551
published_at	2026-04-07T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55603
published_at	2026-04-08T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55605
published_at	2026-04-09T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55614
published_at	2026-04-11T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.55593
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-4636

reference_url	https://bugs.php.net/bug.php?id=64830
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=64830

reference_url	http://www.php.net/ChangeLog-5.php
reference_id
reference_type
scores
url	http://www.php.net/ChangeLog-5.php

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=977463
reference_id	977463
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=977463

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:::::::*
reference_id	cpe:2.3:a:php:php:5.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:::::::*
reference_id	cpe:2.3:a:php:php:5.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:::::::*
reference_id	cpe:2.3:a:php:php:5.4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:::::::*
reference_id	cpe:2.3:a:php:php:5.4.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:::::::*
reference_id	cpe:2.3:a:php:php:5.4.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:::::::*
reference_id	cpe:2.3:a:php:php:5.4.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:::::::*
reference_id	cpe:2.3:a:php:php:5.4.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:::::::*
reference_id	cpe:2.3:a:php:php:5.4.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:::::::*
reference_id	cpe:2.3:a:php:php:5.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:::::::*
reference_id	cpe:2.3:a:php:php:5.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:::::::*
reference_id	cpe:2.3:a:php:php:5.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:::::::*
reference_id	cpe:2.3:a:php:php:5.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:::::::*
reference_id	cpe:2.3:a:php:php:5.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:::::::*
reference_id	cpe:2.3:a:php:php:5.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:::::::*
reference_id	cpe:2.3:a:php:php:5.4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:::::::*
reference_id	cpe:2.3:a:php:php:5.4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-4636

reference_id

CVE-2013-4636

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2013-4636

reference_url	https://security.gentoo.org/glsa/201408-11
reference_id	GLSA-201408-11
reference_type
scores
url	https://security.gentoo.org/glsa/201408-11

fixed_packages

url	pkg:deb/debian/file@0?distro=trixie
purl	pkg:deb/debian/file@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@0%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2013-4636

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mjct-kvsk-zkgj

url VCID-n1mh-p3k8-73gm

vulnerability_id VCID-n1mh-p3k8-73gm

summary php: denial of service when processing a crafted file with Fileinfo

references

reference_url	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd
reference_id
reference_type
scores
url	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f938112c495b0d26572435c0be73ac0bfe642ecd

reference_url	http://php.net/ChangeLog-5.php
reference_id
reference_type
scores
url	http://php.net/ChangeLog-5.php

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1135.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1135.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1186.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1186.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1187.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1187.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4605.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4605.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-4605

reference_id

reference_type

scores

value	0.09106
scoring_system	epss
scoring_elements	0.92664
published_at	2026-04-13T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.92665
published_at	2026-04-12T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.92632
published_at	2026-04-01T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.92638
published_at	2026-04-02T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.92644
published_at	2026-04-04T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.92645
published_at	2026-04-07T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.92655
published_at	2026-04-08T12:55:00Z

value	0.09106
scoring_system	epss
scoring_elements	0.9266
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-4605

reference_url	https://bugs.php.net/bug.php?id=68819
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=68819

reference_url	http://www.openwall.com/lists/oss-security/2015/06/16/12
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2015/06/16/12

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/bid/75233
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/75233

reference_url	http://www.securitytracker.com/id/1032709
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1032709

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1213442
reference_id	1213442
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1213442

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:::::::*
reference_id	cpe:2.3:a:php:php:5.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:::::::*
reference_id	cpe:2.3:a:php:php:5.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:::::::*
reference_id	cpe:2.3:a:php:php:5.5.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:::::::*
reference_id	cpe:2.3:a:php:php:5.5.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:::::::*
reference_id	cpe:2.3:a:php:php:5.5.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:::::::*
reference_id	cpe:2.3:a:php:php:5.5.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:::::::*
reference_id	cpe:2.3:a:php:php:5.5.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:::::::*
reference_id	cpe:2.3:a:php:php:5.5.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.16:::::::*
reference_id	cpe:2.3:a:php:php:5.5.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.17:::::::*
reference_id	cpe:2.3:a:php:php:5.5.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.18:::::::*
reference_id	cpe:2.3:a:php:php:5.5.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.19:::::::*
reference_id	cpe:2.3:a:php:php:5.5.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:::::::*
reference_id	cpe:2.3:a:php:php:5.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.20:::::::*
reference_id	cpe:2.3:a:php:php:5.5.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.21:::::::*
reference_id	cpe:2.3:a:php:php:5.5.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.22:::::::*
reference_id	cpe:2.3:a:php:php:5.5.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.23:::::::*
reference_id	cpe:2.3:a:php:php:5.5.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:::::::*
reference_id	cpe:2.3:a:php:php:5.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:::::::*
reference_id	cpe:2.3:a:php:php:5.5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:::::::*
reference_id	cpe:2.3:a:php:php:5.5.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:::::::*
reference_id	cpe:2.3:a:php:php:5.5.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:::::::*
reference_id	cpe:2.3:a:php:php:5.5.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:::::::*
reference_id	cpe:2.3:a:php:php:5.5.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:::::::*
reference_id	cpe:2.3:a:php:php:5.5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:::::::*
reference_id	cpe:2.3:a:php:php:5.6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:::::::*
reference_id	cpe:2.3:a:php:php:5.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:::::::*
reference_id	cpe:2.3:a:php:php:5.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:::::::*
reference_id	cpe:2.3:a:php:php:5.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:::::::*
reference_id	cpe:2.3:a:php:php:5.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:::::::*
reference_id	cpe:2.3:a:php:php:5.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:::::::*
reference_id	cpe:2.3:a:php:php:5.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:::::::*
reference_id	cpe:2.3:a:php:php:5.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-4605

reference_id

CVE-2015-4605

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-4605

reference_url	https://access.redhat.com/errata/RHSA-2015:1066
reference_id	RHSA-2015:1066
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1066

reference_url	https://access.redhat.com/errata/RHSA-2015:1135
reference_id	RHSA-2015:1135
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1135

reference_url	https://access.redhat.com/errata/RHSA-2015:1186
reference_id	RHSA-2015:1186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1186

reference_url	https://access.redhat.com/errata/RHSA-2015:1187
reference_id	RHSA-2015:1187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1187

reference_url	https://usn.ubuntu.com/2658-1/
reference_id	USN-2658-1
reference_type
scores
url	https://usn.ubuntu.com/2658-1/

fixed_packages

url	pkg:deb/debian/file@0?distro=trixie
purl	pkg:deb/debian/file@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@0%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2015-4605

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n1mh-p3k8-73gm

url VCID-nfd8-hxvz-x3au

vulnerability_id VCID-nfd8-hxvz-x3au

summary

Multiple vulnerabilities have been found in file, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9652.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9652.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9652

reference_id

reference_type

scores

value	0.05795
scoring_system	epss
scoring_elements	0.90465
published_at	2026-04-01T12:55:00Z

value	0.05795
scoring_system	epss
scoring_elements	0.90469
published_at	2026-04-02T12:55:00Z

value	0.05795
scoring_system	epss
scoring_elements	0.90481
published_at	2026-04-04T12:55:00Z

value	0.05795
scoring_system	epss
scoring_elements	0.90486
published_at	2026-04-07T12:55:00Z

value	0.05795
scoring_system	epss
scoring_elements	0.90499
published_at	2026-04-08T12:55:00Z

value	0.05795
scoring_system	epss
scoring_elements	0.90505
published_at	2026-04-09T12:55:00Z

value	0.05795
scoring_system	epss
scoring_elements	0.90513
published_at	2026-04-11T12:55:00Z

value	0.05795
scoring_system	epss
scoring_elements	0.90512
published_at	2026-04-12T12:55:00Z

value	0.05795
scoring_system	epss
scoring_elements	0.90506
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9652

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1188599
reference_id	1188599
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1188599

reference_url	https://security.gentoo.org/glsa/201701-42
reference_id	GLSA-201701-42
reference_type
scores
url	https://security.gentoo.org/glsa/201701-42

reference_url	https://access.redhat.com/errata/RHSA-2015:1053
reference_id	RHSA-2015:1053
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1053

reference_url	https://access.redhat.com/errata/RHSA-2015:1066
reference_id	RHSA-2015:1066
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1066

reference_url	https://access.redhat.com/errata/RHSA-2015:1135
reference_id	RHSA-2015:1135
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1135

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

reference_url	https://usn.ubuntu.com/2501-1/
reference_id	USN-2501-1
reference_type
scores
url	https://usn.ubuntu.com/2501-1/

fixed_packages

url	pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie
purl	pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-9652

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nfd8-hxvz-x3au

url VCID-nz42-ntca-nkgw

vulnerability_id VCID-nz42-ntca-nkgw

summary file: heap-based buffer overflow in cdf_read_sat()

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1515.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1515.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-1515

reference_id

reference_type

scores

value	0.04179
scoring_system	epss
scoring_elements	0.8865
published_at	2026-04-01T12:55:00Z

value	0.04179
scoring_system	epss
scoring_elements	0.88659
published_at	2026-04-02T12:55:00Z

value	0.04179
scoring_system	epss
scoring_elements	0.88675
published_at	2026-04-04T12:55:00Z

value	0.04179
scoring_system	epss
scoring_elements	0.88676
published_at	2026-04-07T12:55:00Z

value	0.04179
scoring_system	epss
scoring_elements	0.88694
published_at	2026-04-08T12:55:00Z

value	0.04179
scoring_system	epss
scoring_elements	0.887
published_at	2026-04-09T12:55:00Z

value	0.04179
scoring_system	epss
scoring_elements	0.88712
published_at	2026-04-11T12:55:00Z

value	0.04179
scoring_system	epss
scoring_elements	0.88705
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-1515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=497913
reference_id	497913
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=497913

fixed_packages

url	pkg:deb/debian/file@5.02-1?distro=trixie
purl	pkg:deb/debian/file@5.02-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.02-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2009-1515

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nz42-ntca-nkgw

url VCID-p13b-2a4m-sbfx

vulnerability_id VCID-p13b-2a4m-sbfx

summary file: do_core_note in readelf.c allows remote attackers to cause a denial of service

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8907.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8907.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-8907

reference_id

reference_type

scores

value	0.00845
scoring_system	epss
scoring_elements	0.74734
published_at	2026-04-01T12:55:00Z

value	0.00845
scoring_system	epss
scoring_elements	0.74779
published_at	2026-04-13T12:55:00Z

value	0.00845
scoring_system	epss
scoring_elements	0.74771
published_at	2026-04-08T12:55:00Z

value	0.00845
scoring_system	epss
scoring_elements	0.74786
published_at	2026-04-09T12:55:00Z

value	0.00845
scoring_system	epss
scoring_elements	0.7481
published_at	2026-04-11T12:55:00Z

value	0.00845
scoring_system	epss
scoring_elements	0.74789
published_at	2026-04-12T12:55:00Z

value	0.00845
scoring_system	epss
scoring_elements	0.74737
published_at	2026-04-02T12:55:00Z

value	0.00845
scoring_system	epss
scoring_elements	0.74764
published_at	2026-04-04T12:55:00Z

value	0.00845
scoring_system	epss
scoring_elements	0.74738
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-8907

reference_url	https://bugs.astron.com/view.php?id=65
reference_id
reference_type
scores
url	https://bugs.astron.com/view.php?id=65

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8907
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8907

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1679138
reference_id	1679138
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1679138

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922968
reference_id	922968
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922968

reference_url	https://security.archlinux.org/ASA-201903-5
reference_id	ASA-201903-5
reference_type
scores
url	https://security.archlinux.org/ASA-201903-5

reference_url

reference_id

AVG-907

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-8907

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:::::::*
reference_id	cpe:2.3:a:file_project:file:5.35:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url

reference_id

CVE-2019-8907

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-8907

reference_url	https://usn.ubuntu.com/3911-1/
reference_id	USN-3911-1
reference_type
scores
url	https://usn.ubuntu.com/3911-1/

fixed_packages

url	pkg:deb/debian/file@1:5.35-3?distro=trixie
purl	pkg:deb/debian/file@1:5.35-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.35-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2019-8907

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p13b-2a4m-sbfx

url VCID-pwh8-7erv-sycw

vulnerability_id VCID-pwh8-7erv-sycw

summary

Vulnerabilities in file could allow a context-dependent attack to
    create a Denial of Service condition.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9621.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9621.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9621

reference_id

reference_type

scores

value	0.01286
scoring_system	epss
scoring_elements	0.79572
published_at	2026-04-01T12:55:00Z

value	0.01286
scoring_system	epss
scoring_elements	0.79578
published_at	2026-04-02T12:55:00Z

value	0.01286
scoring_system	epss
scoring_elements	0.79601
published_at	2026-04-04T12:55:00Z

value	0.01286
scoring_system	epss
scoring_elements	0.79588
published_at	2026-04-07T12:55:00Z

value	0.01286
scoring_system	epss
scoring_elements	0.79617
published_at	2026-04-08T12:55:00Z

value	0.01286
scoring_system	epss
scoring_elements	0.79624
published_at	2026-04-09T12:55:00Z

value	0.01286
scoring_system	epss
scoring_elements	0.79645
published_at	2026-04-11T12:55:00Z

value	0.01286
scoring_system	epss
scoring_elements	0.79629
published_at	2026-04-12T12:55:00Z

value	0.01286
scoring_system	epss
scoring_elements	0.79622
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9621

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9621
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9621

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1180642
reference_id	1180642
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1180642

reference_url	https://security.gentoo.org/glsa/201503-08
reference_id	GLSA-201503-08
reference_type
scores
url	https://security.gentoo.org/glsa/201503-08

reference_url	https://usn.ubuntu.com/3686-1/
reference_id	USN-3686-1
reference_type
scores
url	https://usn.ubuntu.com/3686-1/

fixed_packages

url	pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie
purl	pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-9621

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pwh8-7erv-sycw

url VCID-q9eh-jb32-xfgz

vulnerability_id VCID-q9eh-jb32-xfgz

summary

A vulnerability in file could lead to a Denial of Service
    condition.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10360.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10360.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10360

reference_id

reference_type

scores

value	0.00499
scoring_system	epss
scoring_elements	0.65933
published_at	2026-04-13T12:55:00Z

value	0.01597
scoring_system	epss
scoring_elements	0.81616
published_at	2026-04-01T12:55:00Z

value	0.01597
scoring_system	epss
scoring_elements	0.81679
published_at	2026-04-09T12:55:00Z

value	0.01597
scoring_system	epss
scoring_elements	0.81698
published_at	2026-04-11T12:55:00Z

value	0.01597
scoring_system	epss
scoring_elements	0.81685
published_at	2026-04-12T12:55:00Z

value	0.01597
scoring_system	epss
scoring_elements	0.81627
published_at	2026-04-02T12:55:00Z

value	0.01597
scoring_system	epss
scoring_elements	0.81649
published_at	2026-04-04T12:55:00Z

value	0.01597
scoring_system	epss
scoring_elements	0.81647
published_at	2026-04-07T12:55:00Z

value	0.01597
scoring_system	epss
scoring_elements	0.81674
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10360

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22
reference_id
reference_type
scores
url	https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1590000
reference_id	1590000
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1590000

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901351
reference_id	901351
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901351

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.33:::::::*
reference_id	cpe:2.3:a:file_project:file:5.33:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.33:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-10360

reference_id

CVE-2018-10360

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-10360

reference_url	https://security.gentoo.org/glsa/201806-08
reference_id	GLSA-201806-08
reference_type
scores
url	https://security.gentoo.org/glsa/201806-08

reference_url	https://access.redhat.com/errata/RHSA-2020:1022
reference_id	RHSA-2020:1022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1022

reference_url	https://access.redhat.com/errata/RHSA-2020:2521
reference_id	RHSA-2020:2521
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2521

reference_url	https://access.redhat.com/errata/RHSA-2020:2768
reference_id	RHSA-2020:2768
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2768

reference_url	https://access.redhat.com/errata/RHSA-2020:2838
reference_id	RHSA-2020:2838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2838

reference_url	https://usn.ubuntu.com/3686-1/
reference_id	USN-3686-1
reference_type
scores
url	https://usn.ubuntu.com/3686-1/

reference_url	https://usn.ubuntu.com/3686-2/
reference_id	USN-3686-2
reference_type
scores
url	https://usn.ubuntu.com/3686-2/

fixed_packages

url	pkg:deb/debian/file@1:5.33-3?distro=trixie
purl	pkg:deb/debian/file@1:5.33-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.33-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2018-10360

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q9eh-jb32-xfgz

url VCID-ruyb-ha6b-mbbj

vulnerability_id VCID-ruyb-ha6b-mbbj

summary

The code for parsing ELF headers in file contains a flaw which may allow an
    attacker to execute arbitrary code.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-1304

reference_id

reference_type

scores

value	0.0572
scoring_system	epss
scoring_elements	0.90432
published_at	2026-04-13T12:55:00Z

value	0.0572
scoring_system	epss
scoring_elements	0.90392
published_at	2026-04-01T12:55:00Z

value	0.0572
scoring_system	epss
scoring_elements	0.90394
published_at	2026-04-02T12:55:00Z

value	0.0572
scoring_system	epss
scoring_elements	0.90407
published_at	2026-04-04T12:55:00Z

value	0.0572
scoring_system	epss
scoring_elements	0.90411
published_at	2026-04-07T12:55:00Z

value	0.0572
scoring_system	epss
scoring_elements	0.90425
published_at	2026-04-08T12:55:00Z

value	0.0572
scoring_system	epss
scoring_elements	0.90431
published_at	2026-04-09T12:55:00Z

value	0.0572
scoring_system	epss
scoring_elements	0.90439
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-1304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1304

reference_url	http://securitytracker.com/id?1012433
reference_id
reference_type
scores
url	http://securitytracker.com/id?1012433

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/18368
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/18368

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200412-07.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200412-07.xml

reference_url	http://www.securityfocus.com/bid/11771
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/11771

reference_url	http://www.trustix.net/errata/2004/0063/
reference_id
reference_type
scores
url	http://www.trustix.net/errata/2004/0063/

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.0:::::::*
reference_id	cpe:2.3:a:file:file:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.1:::::::*
reference_id	cpe:2.3:a:file:file:4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.10:::::::*
reference_id	cpe:2.3:a:file:file:4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.11:::::::*
reference_id	cpe:2.3:a:file:file:4.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.2:::::::*
reference_id	cpe:2.3:a:file:file:4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.3:::::::*
reference_id	cpe:2.3:a:file:file:4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.4:::::::*
reference_id	cpe:2.3:a:file:file:4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.5:::::::*
reference_id	cpe:2.3:a:file:file:4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.6:::::::*
reference_id	cpe:2.3:a:file:file:4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.7:::::::*
reference_id	cpe:2.3:a:file:file:4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.8:::::::*
reference_id	cpe:2.3:a:file:file:4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.9:::::::*
reference_id	cpe:2.3:a:file:file:4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:gentoo:linux::::::::
reference_id	cpe:2.3:o:gentoo:linux::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:gentoo:linux::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.0:::::::*
reference_id	cpe:2.3:o:trustix:secure_linux:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.1:::::::*
reference_id	cpe:2.3:o:trustix:secure_linux:2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.2:::::::*
reference_id	cpe:2.3:o:trustix:secure_linux:2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:trustix:secure_linux:2.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2004-1304

reference_id

CVE-2004-1304

reference_type

scores

value	10.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2004-1304

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24784.txt
reference_id	CVE-2004-1304;OSVDB-12255
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24784.txt

reference_url	https://www.securityfocus.com/bid/11771/info
reference_id	CVE-2004-1304;OSVDB-12255
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/11771/info

reference_url	https://security.gentoo.org/glsa/200412-07
reference_id	GLSA-200412-07
reference_type
scores
url	https://security.gentoo.org/glsa/200412-07

fixed_packages

url	pkg:deb/debian/file@4.12?distro=trixie
purl	pkg:deb/debian/file@4.12?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@4.12%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2004-1304

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ruyb-ha6b-mbbj

url VCID-sfee-nuzx-dyfq

vulnerability_id VCID-sfee-nuzx-dyfq

summary file: multiple memory corruption issues

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0947.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0947.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-0947

reference_id

reference_type

scores

value	0.00392
scoring_system	epss
scoring_elements	0.601
published_at	2026-04-01T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60177
published_at	2026-04-02T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60202
published_at	2026-04-04T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60171
published_at	2026-04-07T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60221
published_at	2026-04-08T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60235
published_at	2026-04-09T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60257
published_at	2026-04-11T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60243
published_at	2026-04-12T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60226
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-0947

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0947
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0947

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=498682
reference_id	498682
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=498682

fixed_packages

url	pkg:deb/debian/file@5.02-1?distro=trixie
purl	pkg:deb/debian/file@5.02-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.02-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2009-0947

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sfee-nuzx-dyfq

url VCID-sh5e-9eup-pbft

vulnerability_id VCID-sh5e-9eup-pbft

summary security flaw

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0102.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0102.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2003-0102

reference_id

reference_type

scores

value	0.08278
scoring_system	epss
scoring_elements	0.9221
published_at	2026-04-01T12:55:00Z

value	0.08278
scoring_system	epss
scoring_elements	0.92217
published_at	2026-04-02T12:55:00Z

value	0.08278
scoring_system	epss
scoring_elements	0.92223
published_at	2026-04-04T12:55:00Z

value	0.08278
scoring_system	epss
scoring_elements	0.92226
published_at	2026-04-07T12:55:00Z

value	0.08278
scoring_system	epss
scoring_elements	0.92237
published_at	2026-04-08T12:55:00Z

value	0.08278
scoring_system	epss
scoring_elements	0.92241
published_at	2026-04-09T12:55:00Z

value	0.08278
scoring_system	epss
scoring_elements	0.92246
published_at	2026-04-11T12:55:00Z

value	0.08278
scoring_system	epss
scoring_elements	0.92247
published_at	2026-04-12T12:55:00Z

value	0.08278
scoring_system	epss
scoring_elements	0.92244
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2003-0102

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0102
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0102

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1616966
reference_id	1616966
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1616966

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22324.c
reference_id	CVE-2003-0102;OSVDB-6456
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22324.c

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22325.c
reference_id	CVE-2003-0102;OSVDB-6456
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22325.c

reference_url	https://www.securityfocus.com/bid/7008/info
reference_id	CVE-2003-0102;OSVDB-6456
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/7008/info

reference_url	https://access.redhat.com/errata/RHSA-2003:086
reference_id	RHSA-2003:086
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:086

reference_url	https://access.redhat.com/errata/RHSA-2003:087
reference_id	RHSA-2003:087
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:087

fixed_packages

url	pkg:deb/debian/file@3.40-1.1?distro=trixie
purl	pkg:deb/debian/file@3.40-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@3.40-1.1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2003-0102

risk_score 0.2

exploitability 2.0

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sh5e-9eup-pbft

url VCID-t8q1-8y52-e7dp

vulnerability_id VCID-t8q1-8y52-e7dp

summary file: out-of-bounds read in do_core_note in readelf.c

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8906.json

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8906.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-8906

reference_id

reference_type

scores

value	0.00077
scoring_system	epss
scoring_elements	0.22887
published_at	2026-04-01T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22944
published_at	2026-04-13T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22966
published_at	2026-04-08T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23018
published_at	2026-04-09T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23037
published_at	2026-04-11T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22999
published_at	2026-04-12T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23058
published_at	2026-04-02T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.23102
published_at	2026-04-04T12:55:00Z

value	0.00077
scoring_system	epss
scoring_elements	0.22893
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-8906

reference_url	https://bugs.astron.com/view.php?id=64
reference_id
reference_type
scores
url	https://bugs.astron.com/view.php?id=64

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f
reference_id
reference_type
scores
url	https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f

reference_url	https://support.apple.com/kb/HT209599
reference_id
reference_type
scores
url	https://support.apple.com/kb/HT209599

reference_url	https://support.apple.com/kb/HT209600
reference_id
reference_type
scores
url	https://support.apple.com/kb/HT209600

reference_url	https://support.apple.com/kb/HT209601
reference_id
reference_type
scores
url	https://support.apple.com/kb/HT209601

reference_url	https://support.apple.com/kb/HT209602
reference_id
reference_type
scores
url	https://support.apple.com/kb/HT209602

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1679175
reference_id	1679175
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1679175

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922969
reference_id	922969
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922969

reference_url	https://security.archlinux.org/ASA-201903-5
reference_id	ASA-201903-5
reference_type
scores
url	https://security.archlinux.org/ASA-201903-5

reference_url

reference_id

AVG-907

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2019-8906

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:::::::*
reference_id	cpe:2.3:a:file_project:file:5.35:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file:5.35:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::
reference_id	cpe:2.3:o:apple:iphone_os::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::
reference_id	cpe:2.3:o:apple:tvos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::
reference_id	cpe:2.3:o:apple:watchos::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url

reference_id

CVE-2019-8906

reference_type

scores

value	3.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:N/A:P

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2019-8906

reference_url	https://usn.ubuntu.com/3911-1/
reference_id	USN-3911-1
reference_type
scores
url	https://usn.ubuntu.com/3911-1/

fixed_packages

url	pkg:deb/debian/file@1:5.35-3?distro=trixie
purl	pkg:deb/debian/file@1:5.35-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.35-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2019-8906

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t8q1-8y52-e7dp

url VCID-udeq-mpc8-rucw

vulnerability_id VCID-udeq-mpc8-rucw

summary Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3930

reference_id

reference_type

scores

value	0.00876
scoring_system	epss
scoring_elements	0.75235
published_at	2026-04-01T12:55:00Z

value	0.00876
scoring_system	epss
scoring_elements	0.75239
published_at	2026-04-02T12:55:00Z

value	0.00876
scoring_system	epss
scoring_elements	0.75271
published_at	2026-04-04T12:55:00Z

value	0.00876
scoring_system	epss
scoring_elements	0.75247
published_at	2026-04-07T12:55:00Z

value	0.00876
scoring_system	epss
scoring_elements	0.7529
published_at	2026-04-08T12:55:00Z

value	0.00876
scoring_system	epss
scoring_elements	0.753
published_at	2026-04-09T12:55:00Z

value	0.00876
scoring_system	epss
scoring_elements	0.75321
published_at	2026-04-11T12:55:00Z

value	0.00876
scoring_system	epss
scoring_elements	0.75299
published_at	2026-04-12T12:55:00Z

value	0.00876
scoring_system	epss
scoring_elements	0.75288
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3930

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3930
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3930

fixed_packages

url	pkg:deb/debian/file@5.03-1?distro=trixie
purl	pkg:deb/debian/file@5.03-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.03-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2009-3930

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-udeq-mpc8-rucw

url VCID-x969-386f-h7g3

vulnerability_id VCID-x969-386f-h7g3

summary

A vulnerability in file could allow a context-dependent attack to
    create a Denial of Service condition.

references

reference_url	http://advisories.mageia.org/MGASA-2015-0040.html
reference_id
reference_type
scores
url	http://advisories.mageia.org/MGASA-2015-0040.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0760.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0760.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8117.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8117.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-8117

reference_id

reference_type

scores

value	0.16453
scoring_system	epss
scoring_elements	0.94889
published_at	2026-04-13T12:55:00Z

value	0.16453
scoring_system	epss
scoring_elements	0.94852
published_at	2026-04-01T12:55:00Z

value	0.16453
scoring_system	epss
scoring_elements	0.94862
published_at	2026-04-02T12:55:00Z

value	0.16453
scoring_system	epss
scoring_elements	0.94865
published_at	2026-04-04T12:55:00Z

value	0.16453
scoring_system	epss
scoring_elements	0.94868
published_at	2026-04-07T12:55:00Z

value	0.16453
scoring_system	epss
scoring_elements	0.94877
published_at	2026-04-08T12:55:00Z

value	0.16453
scoring_system	epss
scoring_elements	0.9488
published_at	2026-04-09T12:55:00Z

value	0.16453
scoring_system	epss
scoring_elements	0.94885
published_at	2026-04-11T12:55:00Z

value	0.16453
scoring_system	epss
scoring_elements	0.94887
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8117

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652

reference_url	http://seclists.org/oss-sec/2014/q4/1056
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2014/q4/1056

reference_url	http://secunia.com/advisories/61944
reference_id
reference_type
scores
url	http://secunia.com/advisories/61944

reference_url	http://secunia.com/advisories/62081
reference_id
reference_type
scores
url	http://secunia.com/advisories/62081

reference_url	https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog
reference_id
reference_type
scores
url	https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog

reference_url	https://github.com/file/file/commit/6f737ddfadb596d7d4a993f7ed2141ffd664a81c
reference_id
reference_type
scores
url	https://github.com/file/file/commit/6f737ddfadb596d7d4a993f7ed2141ffd664a81c

reference_url	https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
reference_id
reference_type
scores
url	https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.securityfocus.com/bid/71692
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/71692

reference_url	http://www.securitytracker.com/id/1031344
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1031344

reference_url	http://www.ubuntu.com/usn/USN-2494-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2494-1

reference_url	http://www.ubuntu.com/usn/USN-2535-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2535-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1174606
reference_id	1174606
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1174606

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148
reference_id	773148
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file::::::::
reference_id	cpe:2.3:a:file_project:file::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd::::::::
reference_id	cpe:2.3:o:freebsd:freebsd::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:::::::*
reference_id	cpe:2.3:o:mageia:mageia:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:mageia:mageia:4.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-8117

reference_id

CVE-2014-8117

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-8117

reference_url	https://security.gentoo.org/glsa/201412-48
reference_id	GLSA-201412-48
reference_type
scores
url	https://security.gentoo.org/glsa/201412-48

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

reference_url	https://access.redhat.com/errata/RHSA-2016:0760
reference_id	RHSA-2016:0760
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0760

reference_url	https://usn.ubuntu.com/2494-1/
reference_id	USN-2494-1
reference_type
scores
url	https://usn.ubuntu.com/2494-1/

reference_url	https://usn.ubuntu.com/2535-1/
reference_id	USN-2535-1
reference_type
scores
url	https://usn.ubuntu.com/2535-1/

fixed_packages

url	pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie
purl	pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-8117

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x969-386f-h7g3

url VCID-xfmq-b6kr-63hx

vulnerability_id VCID-xfmq-b6kr-63hx

summary A vulnerability in file could result in Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1943.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1943.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-1943

reference_id

reference_type

scores

value	0.21485
scoring_system	epss
scoring_elements	0.95678
published_at	2026-04-01T12:55:00Z

value	0.21485
scoring_system	epss
scoring_elements	0.95688
published_at	2026-04-02T12:55:00Z

value	0.21485
scoring_system	epss
scoring_elements	0.95693
published_at	2026-04-04T12:55:00Z

value	0.21485
scoring_system	epss
scoring_elements	0.95696
published_at	2026-04-07T12:55:00Z

value	0.21485
scoring_system	epss
scoring_elements	0.95704
published_at	2026-04-08T12:55:00Z

value	0.21485
scoring_system	epss
scoring_elements	0.95708
published_at	2026-04-09T12:55:00Z

value	0.21485
scoring_system	epss
scoring_elements	0.95712
published_at	2026-04-11T12:55:00Z

value	0.21485
scoring_system	epss
scoring_elements	0.95711
published_at	2026-04-12T12:55:00Z

value	0.21485
scoring_system	epss
scoring_elements	0.95713
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-1943

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1065836
reference_id	1065836
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1065836

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738832
reference_id	738832
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738832

reference_url	https://security.gentoo.org/glsa/201403-03
reference_id	GLSA-201403-03
reference_type
scores
url	https://security.gentoo.org/glsa/201403-03

reference_url	https://security.gentoo.org/glsa/201408-11
reference_id	GLSA-201408-11
reference_type
scores
url	https://security.gentoo.org/glsa/201408-11

reference_url	https://access.redhat.com/errata/RHSA-2014:1012
reference_id	RHSA-2014:1012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1012

reference_url	https://access.redhat.com/errata/RHSA-2014:1606
reference_id	RHSA-2014:1606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1606

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

reference_url	https://usn.ubuntu.com/2123-1/
reference_id	USN-2123-1
reference_type
scores
url	https://usn.ubuntu.com/2123-1/

reference_url	https://usn.ubuntu.com/2126-1/
reference_id	USN-2126-1
reference_type
scores
url	https://usn.ubuntu.com/2126-1/

fixed_packages

url	pkg:deb/debian/file@1:5.17-0.1?distro=trixie
purl	pkg:deb/debian/file@1:5.17-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.17-0.1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-1943

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xfmq-b6kr-63hx

url VCID-xfpj-zu5q-tqa7

vulnerability_id VCID-xfpj-zu5q-tqa7

summary security update

references

reference_url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

reference_url	http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html

reference_url	http://marc.info/?l=bugtraq&m=141017844705317&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=141017844705317&w=2

reference_url	http://mx.gw.com/pipermail/file/2014/001553.html
reference_id
reference_type
scores
url	http://mx.gw.com/pipermail/file/2014/001553.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1765.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1765.html

reference_url	http://rhn.redhat.com/errata/RHSA-2014-1766.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2014-1766.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3487.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3487.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3487

reference_id

reference_type

scores

value	0.19441
scoring_system	epss
scoring_elements	0.95387
published_at	2026-04-13T12:55:00Z

value	0.19441
scoring_system	epss
scoring_elements	0.9535
published_at	2026-04-01T12:55:00Z

value	0.19441
scoring_system	epss
scoring_elements	0.95359
published_at	2026-04-02T12:55:00Z

value	0.19441
scoring_system	epss
scoring_elements	0.95365
published_at	2026-04-04T12:55:00Z

value	0.19441
scoring_system	epss
scoring_elements	0.9537
published_at	2026-04-07T12:55:00Z

value	0.19441
scoring_system	epss
scoring_elements	0.95377
published_at	2026-04-08T12:55:00Z

value	0.19441
scoring_system	epss
scoring_elements	0.9538
published_at	2026-04-09T12:55:00Z

value	0.19441
scoring_system	epss
scoring_elements	0.95384
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3487

reference_url	https://bugs.php.net/bug.php?id=67413
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=67413

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721

reference_url	http://secunia.com/advisories/59794
reference_id
reference_type
scores
url	http://secunia.com/advisories/59794

reference_url	http://secunia.com/advisories/59831
reference_id
reference_type
scores
url	http://secunia.com/advisories/59831

reference_url	https://github.com/file/file/commit/93e063ee374b6a75729df9e7201fb511e47e259d
reference_id
reference_type
scores
url	https://github.com/file/file/commit/93e063ee374b6a75729df9e7201fb511e47e259d

reference_url	https://support.apple.com/HT204659
reference_id
reference_type
scores
url	https://support.apple.com/HT204659

reference_url	http://support.apple.com/kb/HT6443
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT6443

reference_url	http://www.debian.org/security/2014/dsa-2974
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-2974

reference_url	http://www.debian.org/security/2014/dsa-3021
reference_id
reference_type
scores
url	http://www.debian.org/security/2014/dsa-3021

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.php.net/ChangeLog-5.php
reference_id
reference_type
scores
url	http://www.php.net/ChangeLog-5.php

reference_url	http://www.securityfocus.com/bid/68120
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/68120

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1107544
reference_id	1107544
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1107544

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file::::::::
reference_id	cpe:2.3:a:file_project:file::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file_project:file::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_id	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::
reference_id	cpe:2.3:o:oracle:linux:7:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-3487

reference_id

CVE-2014-3487

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-3487

reference_url	https://access.redhat.com/errata/RHSA-2014:1013
reference_id	RHSA-2014:1013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1013

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

reference_url	https://access.redhat.com/errata/RHSA-2014:1766
reference_id	RHSA-2014:1766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1766

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

reference_url	https://usn.ubuntu.com/2276-1/
reference_id	USN-2276-1
reference_type
scores
url	https://usn.ubuntu.com/2276-1/

reference_url	https://usn.ubuntu.com/2278-1/
reference_id	USN-2278-1
reference_type
scores
url	https://usn.ubuntu.com/2278-1/

fixed_packages

url	pkg:deb/debian/file@1:5.19-1?distro=trixie
purl	pkg:deb/debian/file@1:5.19-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-3487

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xfpj-zu5q-tqa7

url VCID-xmxy-f5cc-qygp

vulnerability_id VCID-xmxy-f5cc-qygp

summary security update

references

reference_url

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html

reference_url

http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

http://rhn.redhat.com/errata/RHSA-2014-1327.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

http://rhn.redhat.com/errata/RHSA-2014-1327.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3478

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3478.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3478.json

reference_url

reference_id

reference_type

scores

value	0.25344
scoring_system	epss
scoring_elements	0.96168
published_at	2026-04-01T12:55:00Z

value	0.25344
scoring_system	epss
scoring_elements	0.96176
published_at	2026-04-02T12:55:00Z

value	0.25344
scoring_system	epss
scoring_elements	0.96183
published_at	2026-04-04T12:55:00Z

value	0.25344
scoring_system	epss
scoring_elements	0.96186
published_at	2026-04-07T12:55:00Z

value	0.25344
scoring_system	epss
scoring_elements	0.96196
published_at	2026-04-08T12:55:00Z

value	0.25344
scoring_system	epss
scoring_elements	0.96199
published_at	2026-04-09T12:55:00Z

value	0.25344
scoring_system	epss
scoring_elements	0.96203
published_at	2026-04-11T12:55:00Z

value	0.25344
scoring_system	epss
scoring_elements	0.96202
published_at	2026-04-12T12:55:00Z

value	0.25344
scoring_system	epss
scoring_elements	0.96205
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3478

reference_url

https://bugs.php.net/bug.php?id=67410

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

https://bugs.php.net/bug.php?id=67410

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

reference_url

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

http://www.securityfocus.com/bid/68239

reference_url

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/

url

http://www.securityfocus.com/bid/68239

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1104863
reference_id	1104863
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1104863

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file::::::::
reference_id	cpe:2.3:a:christos_zoulas:file::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.00:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.00:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.01:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.01:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.02:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.02:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.03:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.03:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.05:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.05:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.06:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.06:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.07:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.07:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.08:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.08:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.09:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.09:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:::::::*
reference_id	cpe:2.3:a:christos_zoulas:file:5.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:christos_zoulas:file:5.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:::::::*
reference_id	cpe:2.3:a:php:php:5.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:::::::*
reference_id	cpe:2.3:a:php:php:5.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:::::::*
reference_id	cpe:2.3:a:php:php:5.4.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:::::::*
reference_id	cpe:2.3:a:php:php:5.4.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:::::::*
reference_id	cpe:2.3:a:php:php:5.4.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc1::::::
reference_id	cpe:2.3:a:php:php:5.4.12:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc2::::::
reference_id	cpe:2.3:a:php:php:5.4.12:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.12:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:::::::*
reference_id	cpe:2.3:a:php:php:5.4.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:rc1::::::
reference_id	cpe:2.3:a:php:php:5.4.13:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.13:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:::::::*
reference_id	cpe:2.3:a:php:php:5.4.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:rc1::::::
reference_id	cpe:2.3:a:php:php:5.4.14:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.14:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:rc1::::::
reference_id	cpe:2.3:a:php:php:5.4.15:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.15:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.16:rc1::::::
reference_id	cpe:2.3:a:php:php:5.4.16:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.16:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.17:::::::*
reference_id	cpe:2.3:a:php:php:5.4.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.18:::::::*
reference_id	cpe:2.3:a:php:php:5.4.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.19:::::::*
reference_id	cpe:2.3:a:php:php:5.4.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:::::::*
reference_id	cpe:2.3:a:php:php:5.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.20:::::::*
reference_id	cpe:2.3:a:php:php:5.4.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.21:::::::*
reference_id	cpe:2.3:a:php:php:5.4.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.22:::::::*
reference_id	cpe:2.3:a:php:php:5.4.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.23:::::::*
reference_id	cpe:2.3:a:php:php:5.4.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.24:::::::*
reference_id	cpe:2.3:a:php:php:5.4.24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.24:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.25:::::::*
reference_id	cpe:2.3:a:php:php:5.4.25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.25:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.26:::::::*
reference_id	cpe:2.3:a:php:php:5.4.26:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.26:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.27:::::::*
reference_id	cpe:2.3:a:php:php:5.4.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.27:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.28:::::::*
reference_id	cpe:2.3:a:php:php:5.4.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:::::::*
reference_id	cpe:2.3:a:php:php:5.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:::::::*
reference_id	cpe:2.3:a:php:php:5.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:::::::*
reference_id	cpe:2.3:a:php:php:5.4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:::::::*
reference_id	cpe:2.3:a:php:php:5.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:::::::*
reference_id	cpe:2.3:a:php:php:5.4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:::::::*
reference_id	cpe:2.3:a:php:php:5.4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:::::::*
reference_id	cpe:2.3:a:php:php:5.4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.4.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:::::::*
reference_id	cpe:2.3:a:php:php:5.5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1::::::
reference_id	cpe:2.3:a:php:php:5.5.0:alpha1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2::::::
reference_id	cpe:2.3:a:php:php:5.5.0:alpha2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3::::::
reference_id	cpe:2.3:a:php:php:5.5.0:alpha3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4::::::
reference_id	cpe:2.3:a:php:php:5.5.0:alpha4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5::::::
reference_id	cpe:2.3:a:php:php:5.5.0:alpha5::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha5::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6::::::
reference_id	cpe:2.3:a:php:php:5.5.0:alpha6::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:alpha6::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1::::::
reference_id	cpe:2.3:a:php:php:5.5.0:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2::::::
reference_id	cpe:2.3:a:php:php:5.5.0:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3::::::
reference_id	cpe:2.3:a:php:php:5.5.0:beta3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4::::::
reference_id	cpe:2.3:a:php:php:5.5.0:beta4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:beta4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1::::::
reference_id	cpe:2.3:a:php:php:5.5.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2::::::
reference_id	cpe:2.3:a:php:php:5.5.0:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.0:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:::::::*
reference_id	cpe:2.3:a:php:php:5.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.1:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:::::::*
reference_id	cpe:2.3:a:php:php:5.5.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.10:::::::*

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:::::::*
reference_id	cpe:2.3:a:php:php:5.5.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.11:::::::*

102

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:::::::*
reference_id	cpe:2.3:a:php:php:5.5.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.12:::::::*

103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:::::::*
reference_id	cpe:2.3:a:php:php:5.5.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.13:::::::*

104

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:::::::*
reference_id	cpe:2.3:a:php:php:5.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.2:::::::*

105

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:::::::*
reference_id	cpe:2.3:a:php:php:5.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.3:::::::*

106

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:::::::*
reference_id	cpe:2.3:a:php:php:5.5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.4:::::::*

107

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:::::::*
reference_id	cpe:2.3:a:php:php:5.5.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.5:::::::*

108

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:::::::*
reference_id	cpe:2.3:a:php:php:5.5.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.6:::::::*

109

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:::::::*
reference_id	cpe:2.3:a:php:php:5.5.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.7:::::::*

110

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:::::::*
reference_id	cpe:2.3:a:php:php:5.5.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.8:::::::*

111

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:::::::*
reference_id	cpe:2.3:a:php:php:5.5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.5.9:::::::*

112

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-3478

reference_id

CVE-2014-3478

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2014-3478

113

reference_url	https://access.redhat.com/errata/RHSA-2014:1327
reference_id	RHSA-2014:1327
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1327

114

reference_url	https://access.redhat.com/errata/RHSA-2014:1765
reference_id	RHSA-2014:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1765

115

reference_url	https://access.redhat.com/errata/RHSA-2014:1766
reference_id	RHSA-2014:1766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1766

116

reference_url	https://access.redhat.com/errata/RHSA-2015:2155
reference_id	RHSA-2015:2155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2155

117

reference_url	https://usn.ubuntu.com/2276-1/
reference_id	USN-2276-1
reference_type
scores
url	https://usn.ubuntu.com/2276-1/

118

reference_url	https://usn.ubuntu.com/2278-1/
reference_id	USN-2278-1
reference_type
scores
url	https://usn.ubuntu.com/2278-1/

fixed_packages

url	pkg:deb/debian/file@1:5.19-1?distro=trixie
purl	pkg:deb/debian/file@1:5.19-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2014-3478

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xmxy-f5cc-qygp

url VCID-y3q6-fuvj-sfba

vulnerability_id VCID-y3q6-fuvj-sfba

summary

An integer underflow vulnerability has been reported in The Sleuth Kit
    allowing for the user-assisted execution of arbitrary code.

references

reference_url	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc
reference_id
reference_type
scores
url	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-001.txt.asc

reference_url	http://docs.info.apple.com/article.html?artnum=307562
reference_id
reference_type
scores
url	http://docs.info.apple.com/article.html?artnum=307562

reference_url	http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

reference_url	http://osvdb.org/38498
reference_id
reference_type
scores
url	http://osvdb.org/38498

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2799.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2799.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-2799

reference_id

reference_type

scores

value	0.03487
scoring_system	epss
scoring_elements	0.87578
published_at	2026-04-13T12:55:00Z

value	0.03487
scoring_system	epss
scoring_elements	0.87524
published_at	2026-04-01T12:55:00Z

value	0.03487
scoring_system	epss
scoring_elements	0.87534
published_at	2026-04-02T12:55:00Z

value	0.03487
scoring_system	epss
scoring_elements	0.87547
published_at	2026-04-04T12:55:00Z

value	0.03487
scoring_system	epss
scoring_elements	0.87549
published_at	2026-04-07T12:55:00Z

value	0.03487
scoring_system	epss
scoring_elements	0.87568
published_at	2026-04-08T12:55:00Z

value	0.03487
scoring_system	epss
scoring_elements	0.87575
published_at	2026-04-09T12:55:00Z

value	0.03487
scoring_system	epss
scoring_elements	0.87586
published_at	2026-04-11T12:55:00Z

value	0.03487
scoring_system	epss
scoring_elements	0.87582
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-2799

reference_url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=241022

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799

reference_url	http://secunia.com/advisories/25394
reference_id
reference_type
scores
url	http://secunia.com/advisories/25394

reference_url	http://secunia.com/advisories/25544
reference_id
reference_type
scores
url	http://secunia.com/advisories/25544

reference_url	http://secunia.com/advisories/25578
reference_id
reference_type
scores
url	http://secunia.com/advisories/25578

reference_url	http://secunia.com/advisories/25931
reference_id
reference_type
scores
url	http://secunia.com/advisories/25931

reference_url	http://secunia.com/advisories/26203
reference_id
reference_type
scores
url	http://secunia.com/advisories/26203

reference_url	http://secunia.com/advisories/26294
reference_id
reference_type
scores
url	http://secunia.com/advisories/26294

reference_url	http://secunia.com/advisories/26415
reference_id
reference_type
scores
url	http://secunia.com/advisories/26415

reference_url	http://secunia.com/advisories/29179
reference_id
reference_type
scores
url	http://secunia.com/advisories/29179

reference_url	http://secunia.com/advisories/29420
reference_id
reference_type
scores
url	http://secunia.com/advisories/29420

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/34731
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/34731

reference_url	https://issues.rpath.com/browse/RPL-1311
reference_id
reference_type
scores
url	https://issues.rpath.com/browse/RPL-1311

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11012

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2007-290.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2007-290.htm

reference_url	http://www.amavis.org/security/asa-2007-3.txt
reference_id
reference_type
scores
url	http://www.amavis.org/security/asa-2007-3.txt

reference_url	http://www.debian.org/security/2007/dsa-1343
reference_id
reference_type
scores
url	http://www.debian.org/security/2007/dsa-1343

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200705-25.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200705-25.xml

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:114
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2007:114

reference_url	http://www.novell.com/linux/security/advisories/2007_40_file.html
reference_id
reference_type
scores
url	http://www.novell.com/linux/security/advisories/2007_40_file.html

reference_url	http://www.redhat.com/support/errata/RHSA-2007-0391.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2007-0391.html

reference_url	http://www.securityfocus.com/archive/1/469520/30/6420/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/469520/30/6420/threaded

reference_url	http://www.securityfocus.com/bid/24146
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/24146

reference_url	http://www.securitytracker.com/id?1018140
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1018140

reference_url	http://www.trustix.org/errata/2007/0024/
reference_id
reference_type
scores
url	http://www.trustix.org/errata/2007/0024/

reference_url	http://www.ubuntu.com/usn/usn-439-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-439-2

reference_url	http://www.vupen.com/english/advisories/2007/2071
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/2071

reference_url	http://www.vupen.com/english/advisories/2008/0924/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/0924/references

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=241022
reference_id	241022
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=241022

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428293
reference_id	428293
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428293

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.2:::::::*
reference_id	cpe:2.3:a:file:file:4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:file:file:4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sleuth_kit:the_sleuth_kith::::::::
reference_id	cpe:2.3:a:sleuth_kit:the_sleuth_kith::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sleuth_kit:the_sleuth_kith::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2007-2799

reference_id

CVE-2007-2799

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2007-2799

reference_url	https://security.gentoo.org/glsa/200705-25
reference_id	GLSA-200705-25
reference_type
scores
url	https://security.gentoo.org/glsa/200705-25

reference_url	https://security.gentoo.org/glsa/200710-19
reference_id	GLSA-200710-19
reference_type
scores
url	https://security.gentoo.org/glsa/200710-19

reference_url	https://access.redhat.com/errata/RHSA-2007:0391
reference_id	RHSA-2007:0391
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0391

reference_url	https://usn.ubuntu.com/439-2/
reference_id	USN-439-2
reference_type
scores
url	https://usn.ubuntu.com/439-2/

fixed_packages

url	pkg:deb/debian/file@4.21-1?distro=trixie
purl	pkg:deb/debian/file@4.21-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@4.21-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2007-2799

risk_score 2.3

exploitability 0.5

weighted_severity 4.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y3q6-fuvj-sfba

url VCID-zkut-a5an-r7ae

vulnerability_id VCID-zkut-a5an-r7ae

summary

Multiple vulnerabilities have been found in file, the worst of
    which could allow remote attackers to execute arbitrary code.

references

reference_url	http://bugs.gw.com/view.php?id=522
reference_id
reference_type
scores
url	http://bugs.gw.com/view.php?id=522

reference_url	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fe13566c93f118a15a96320a546c7878fd0cfc5e
reference_id
reference_type
scores
url	http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=fe13566c93f118a15a96320a546c7878fd0cfc5e

reference_url	http://lists.apple.com/archives/security-announce/2016/May/msg00004.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/May/msg00004.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00057.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2750.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2750.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8865.json

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8865.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8865

reference_id

reference_type

scores

value	0.01014
scoring_system	epss
scoring_elements	0.77084
published_at	2026-04-01T12:55:00Z

value	0.01014
scoring_system	epss
scoring_elements	0.77146
published_at	2026-04-13T12:55:00Z

value	0.01014
scoring_system	epss
scoring_elements	0.77144
published_at	2026-04-09T12:55:00Z

value	0.01014
scoring_system	epss
scoring_elements	0.77172
published_at	2026-04-11T12:55:00Z

value	0.01014
scoring_system	epss
scoring_elements	0.77151
published_at	2026-04-12T12:55:00Z

value	0.01014
scoring_system	epss
scoring_elements	0.7709
published_at	2026-04-02T12:55:00Z

value	0.01014
scoring_system	epss
scoring_elements	0.7712
published_at	2026-04-04T12:55:00Z

value	0.01014
scoring_system	epss
scoring_elements	0.77102
published_at	2026-04-07T12:55:00Z

value	0.01014
scoring_system	epss
scoring_elements	0.77135
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8865

reference_url	https://bugs.php.net/bug.php?id=71527
reference_id
reference_type
scores
url	https://bugs.php.net/bug.php?id=71527

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8865
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8865

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4070
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4070

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4071
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4071

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4072
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4073
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4073

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36
reference_id
reference_type
scores
url	https://github.com/file/file/commit/6713ca45e7757297381f4b4cdb9cf5e624a9ad36

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731

reference_url	https://security.gentoo.org/glsa/201611-22
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201611-22

reference_url	https://support.apple.com/HT206567
reference_id
reference_type
scores
url	https://support.apple.com/HT206567

reference_url	http://www.debian.org/security/2016/dsa-3560
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3560

reference_url	http://www.openwall.com/lists/oss-security/2016/04/24/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/04/24/1

reference_url	http://www.php.net/ChangeLog-5.php
reference_id
reference_type
scores
url	http://www.php.net/ChangeLog-5.php

reference_url	http://www.php.net/ChangeLog-7.php
reference_id
reference_type
scores
url	http://www.php.net/ChangeLog-7.php

reference_url	http://www.securityfocus.com/bid/85802
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/85802

reference_url	http://www.ubuntu.com/usn/USN-2952-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2952-1

reference_url	http://www.ubuntu.com/usn/USN-2952-2
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2952-2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1323118
reference_id	1323118
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1323118

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827377
reference_id	827377
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827377

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::
reference_id	cpe:2.3:a:php:php::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha1::::::
reference_id	cpe:2.3:a:php:php:5.6.0:alpha1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha2::::::
reference_id	cpe:2.3:a:php:php:5.6.0:alpha2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha3::::::
reference_id	cpe:2.3:a:php:php:5.6.0:alpha3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha4::::::
reference_id	cpe:2.3:a:php:php:5.6.0:alpha4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha5::::::
reference_id	cpe:2.3:a:php:php:5.6.0:alpha5::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:alpha5::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta1::::::
reference_id	cpe:2.3:a:php:php:5.6.0:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta2::::::
reference_id	cpe:2.3:a:php:php:5.6.0:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta3::::::
reference_id	cpe:2.3:a:php:php:5.6.0:beta3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta4::::::
reference_id	cpe:2.3:a:php:php:5.6.0:beta4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.0:beta4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:::::::*
reference_id	cpe:2.3:a:php:php:5.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:::::::*
reference_id	cpe:2.3:a:php:php:5.6.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.11:::::::*
reference_id	cpe:2.3:a:php:php:5.6.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.12:::::::*
reference_id	cpe:2.3:a:php:php:5.6.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.13:::::::*
reference_id	cpe:2.3:a:php:php:5.6.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.14:::::::*
reference_id	cpe:2.3:a:php:php:5.6.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.15:::::::*
reference_id	cpe:2.3:a:php:php:5.6.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.16:::::::*
reference_id	cpe:2.3:a:php:php:5.6.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.17:::::::*
reference_id	cpe:2.3:a:php:php:5.6.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.18:::::::*
reference_id	cpe:2.3:a:php:php:5.6.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.19:::::::*
reference_id	cpe:2.3:a:php:php:5.6.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:::::::*
reference_id	cpe:2.3:a:php:php:5.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:::::::*
reference_id	cpe:2.3:a:php:php:5.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:::::::*
reference_id	cpe:2.3:a:php:php:5.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:::::::*
reference_id	cpe:2.3:a:php:php:5.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:::::::*
reference_id	cpe:2.3:a:php:php:5.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:::::::*
reference_id	cpe:2.3:a:php:php:5.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:::::::*
reference_id	cpe:2.3:a:php:php:5.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:::::::*
reference_id	cpe:2.3:a:php:php:5.6.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:5.6.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.0:::::::*
reference_id	cpe:2.3:a:php:php:7.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.1:::::::*
reference_id	cpe:2.3:a:php:php:7.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.2:::::::*
reference_id	cpe:2.3:a:php:php:7.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.3:::::::*
reference_id	cpe:2.3:a:php:php:7.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.4:::::::*
reference_id	cpe:2.3:a:php:php:7.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8865

reference_id

CVE-2015-8865

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8865

reference_url	https://security.gentoo.org/glsa/201701-42
reference_id	GLSA-201701-42
reference_type
scores
url	https://security.gentoo.org/glsa/201701-42

reference_url	https://access.redhat.com/errata/RHSA-2016:2750
reference_id	RHSA-2016:2750
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2750

reference_url	https://usn.ubuntu.com/2984-1/
reference_id	USN-2984-1
reference_type
scores
url	https://usn.ubuntu.com/2984-1/

reference_url	https://usn.ubuntu.com/3686-1/
reference_id	USN-3686-1
reference_type
scores
url	https://usn.ubuntu.com/3686-1/

reference_url	https://usn.ubuntu.com/3686-2/
reference_id	USN-3686-2
reference_type
scores
url	https://usn.ubuntu.com/3686-2/

fixed_packages

url	pkg:deb/debian/file@1:5.24-1?distro=trixie
purl	pkg:deb/debian/file@1:5.24-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.24-1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.44-3?distro=trixie
purl	pkg:deb/debian/file@1:5.44-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie

url	pkg:deb/debian/file@1:5.46-5?distro=trixie
purl	pkg:deb/debian/file@1:5.46-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie

aliases CVE-2015-8865

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkut-a5an-r7ae

url VCID-zqgq-d1nu-qbd5

vulnerability_id VCID-zqgq-d1nu-qbd5

summary file: stack-based buffer over-read in do_bid_note in readelf.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8904.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8904.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-8904

reference_id

reference_type

scores

value	0.00573
scoring_system	epss
scoring_elements	0.68638
published_at	2026-04-01T12:55:00Z

value	0.00573
scoring_system	epss
scoring_elements	0.687
published_at	2026-04-13T12:55:00Z

value	0.00573
scoring_system	epss
scoring_elements	0.68702
published_at	2026-04-08T12:55:00Z

value	0.00573
scoring_system	epss
scoring_elements	0.6872
published_at	2026-04-09T12:55:00Z

value	0.00573
scoring_system	epss
scoring_elements	0.68743
published_at	2026-04-11T12:55:00Z

value	0.00573
scoring_system	epss
scoring_elements	0.68729
published_at	2026-04-12T12:55:00Z

value	0.00573
scoring_system	epss
scoring_elements	0.68655
published_at	2026-04-02T12:55:00Z

value	0.00573
scoring_system	epss
scoring_elements	0.68674
published_at	2026-04-04T12:55:00Z

value	0.00573
scoring_system	epss
scoring_elements	0.68651
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-8904

reference_url	https://bugs.astron.com/view.php?id=62
reference_id
reference_type
scores
url	https://bugs.astron.com/view.php?id=62

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8904
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8904

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.securityfocus.com/bid/107130
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107130

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1679188
reference_id	1679188
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1679188

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922967
reference_id	922967
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922967

reference_url	https://security.archlinux.org/ASA-201903-5
reference_id	ASA-201903-5
reference_type
scores
url	https://security.archlinux.org/ASA-201903-5

reference_url

reference_id

AVG-907

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url